Am 14.09.2013 20:51, schrieb Matthew J. Roth: > Please ignore my first reply. I accidentally hit 'Send' before it was complete. i am not that slow in answers, too late however, it will take days until my posts reach the list due the holy grail of moderation............. >> www-data is *debian* because on Redhat the user/groups is named "apache" >> if you use google add your distribution to the search string! > > Please explain how the specific user Apache is running as is relevant. Is it > only an indicator of the distribution the example is based on? If so, are you > saying that distributions without SELinux support cannot securely allow Apache > to write files within DocumentRoot? > >> besides that there a *two* levels to care: FS-permissions *and* SELinux >> >> chown apache:apache /path/to/folder/ >> chmod 770 /path/to/folder/ >> >> http://david-latham.blogspot.co.at/2008/08/allow-httpd-apache-to-write-to-files.html > > Are you saying to allow Apache write access, but to use SELinux to limit the > directories and files it can update? That sounds reasonable to me, but I get > the impression that Tim had something else in mind from his very specific > statement: > > You should NOT change ownership of /var/www/http to Apache, never do > that. That's a VERY BAD THING!!!!!! i know that because it is my job to know that i explained it also well in my reply
Attachment:
signature.asc
Description: OpenPGP digital signature
-- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
