LinuxQuestions.org
Download your favorite Linux distribution at LQ ISO.
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices

Reply
 
Search this Thread
Old 05-20-2011, 09:37 PM   #1
Morten
LQ Newbie
 
Registered: May 2011
Posts: 5

Rep: Reputation: Disabled
Permissions for an apache webserver


Hi,

I'm running my own Debian 6.0 server. I have used the following guide for setting the system up (did not install ispconfig):

http://www.howtoforge.com/perfect-se...er-ispconfig-3

A short summary:
Apache 2.2.16, Postfix mail server, MySQL, BIND nameserver, PureFTPd, SpamAssassin, ClamAV, Fail2ban, MySQL.

For the handling of homepages I use the apache directive in virtual.conf.

However I'm not quite sure, what to do with permissions. My ftp-users (virtual and chrooted) are all running as user 'ftpuser' as a member of 'ftpgroup'.

My current setup is as follows:

/var/www/ drwxrwxr-x root root
/var/www/domain.dk/ drwxr-xr-x ftpuser ftpgroup
/var/www/domain.dk/index.php -rw-r--r-- ftpuser ftpgroup

Currently it isn't possible for PHP to create new files in directory "domain.dk", only for the ftp users. I would like both to be able to do so.
With security in mind, is it okay, to make apache a part of the 'ftpgroup', which would give apache access to all domains?

Do you have any other suggestions for improving security?

Best regards
Morten
 
Old 05-21-2011, 04:32 AM   #2
hua
Member
 
Registered: Oct 2006
Location: Slovak Republic
Distribution: Slackware 13.37, 14.0
Posts: 396

Rep: Reputation: 49
There is a very good thread about this issue. Especially the post of NominalAnimal.
http://www.linuxquestions.org/questi...287/page2.html

Last edited by hua; 05-21-2011 at 04:34 AM.
 
  


Reply

Tags
access, apache2, debian, permissions, server


Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
[SOLVED] Lack basic understanding of permissions(apache permissions problem) cK` Linux - Newbie 7 04-09-2010 12:49 AM
Apache Webserver on Slackware - Failed to Start Apache - 'no listening sockets .." CCTVGuru Linux - Server 4 10-11-2009 02:14 AM
Apache webserver Help.. co_macho Mandriva 5 02-26-2006 11:22 PM
Apache Webserver 403 Forbidden Errors (User not in apache group?) Mankind75 Mandriva 4 07-08-2004 06:30 AM
Apache webserver trusouthrnplaya Linux - Networking 1 03-30-2003 12:34 PM


All times are GMT -5. The time now is 12:41 AM.

Main Menu
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
identi.ca: @linuxquestions
Facebook: linuxquestions Google+: linuxquestions
Open Source Consulting | Domain Registration