RE: [users@httpd] Apache2 on Debian

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Brian-
	Your question depends on what you mean by "everything".  If you're
talking strictly about the directories that hold static files, it's fine
that root owns it.  Please note, however, that that it should be "world
readable" or else the www-data user/group won't be able to even read it, and
therefore won't be able to serve it out.
	On the other hand, if you are talking about file systems such as CGI
directories (usually defined in the <Directory /cgi-bin> directive),
permissions should be carefully planned and analyzed, as malicious users
could do great damage to yours and other systems if these are improperly
set.
	Finally, if you have other processes running that will need to
access portions of your file system, you'll need to make sure that those
UIDs have been added to the necessary group, or that the proper world-scoped
permissions have been applied to the necessary parts of the file tree.

Hope that helps!

Kermit Short
System Administrator
CCN-DC-1 D-Div
 
ph: 7-6360
pg: 4-5165
em: k_short@xxxxxxxx
-----Original Message-----
From: Brian Street [mailto:bstreet@xxxxxxxxxxxxxxxxx] 
Sent: Monday, January 23, 2006 3:36 PM
To: users@xxxxxxxxxxxxxxxx
Subject: [users@httpd] Apache2 on Debian

Hello everyone,

I'm interested in whether or not people running Apache2 on Debian 3.1 create
a separate user for the web directory (/var/www/xxx).

The default install has root owning everything, but starting the web server
as www-data.

Thank you,
Brian.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux