When apache drops root priv to other user does...?
Hi Peeps,
When apache is set-up to drop root priv to what ever user, i beleive the files and folders need to be owned by apache the question is does this include the web files that are being served? so... /usr/local/apache2/htdocs/*web files here* Do they also have to be owned by apache with say a chmod 755?? Cheers |
I don't think the files need to be owned by apache unless they need to be writable by apache. In our environment we have files owned by web developers that need to upload and modify the files. If they were owned by apache then we would have to add developers to the apache group.
|
thanks, its for this reason i was asking, (web devs) and i'm trying to hot up on what they can access and change etc etc. Lock down the system a bit more
Cheers |
All times are GMT -5. The time now is 06:27 AM. |