LinuxQuestions.org
Visit Jeremy's Blog.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Security
Reload this Page Is this a security risk?
User Name
Password
Linux - Security This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.

Notices


Reply
  Search this Thread
Old 01-17-2008, 11:16 PM   #1
jim.thornton
Member
 
Registered: May 2007
Posts: 430

Rep: Reputation: 19
Is this a security risk?

I'm in the process of setting up a VPS/Hosting Company. As one of the accounts, I will be running a personal site off it.

I just uploaded a .tar.gz file to the public_html and extracted everything, no problems.

When I log in to DirectAdmin and look at the file manager, I notice that all the files that I just extracted are the owner and the group of root. I assume that this is because I ran tar in su mode.

So, now to the question, having these files as the owner/group root/root... Is that a security risk??
 
Old 01-18-2008, 01:55 AM   #2
thedonkdonk
Member
 
Registered: Oct 2005
Location: San Jose, CA
Distribution: Fedora, RHEL, CentOS
Posts: 136

Rep: Reputation: 16
No problem. In fact this would make it more secure. I have all my website files owned as root. Apache just needs read permissions on .html and .php files and execute permissions on anything in what ever you have setup as the cgi-bin directory.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Security Risk computerdude Linux - Security 3 08-31-2005 02:25 PM
Security Risk? N|k0N Linux - Security 7 10-02-2004 04:52 PM
is this a security risk? shanenin Linux - Security 8 11-02-2003 04:27 PM
security risk? Notfromkansas Linux - Security 12 04-04-2002 10:30 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Security

All times are GMT -5. The time now is 10:05 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration