User apache only needs read access except under special conditions, such as a script that needs to store configuration in a file. And a lot of apps store their state in a DB so they don't need filesystem write access at all. Set the permissions as strict as possible, so that if an attacker finds a bug in apache, he does as little damage as possible. _______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
Re: apache docroot permissions
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
- To: CentOS mailing list <centos@xxxxxxxxxx>
- Subject: Re: apache docroot permissions
- From: Kenneth Porter <shiva@xxxxxxxxxxxxxxx>
- Date: Wed, 04 May 2011 10:58:24 -0700
- Delivered-to: centos@xxxxxxxxxx
- In-reply-to: <BANLkTimDLgDMnWHnWQ-1SrEu_jEB41Sj3w@xxxxxxxxxxxxxx>
- References:
- apache docroot permissions
- From: Johan Martinez
- apache docroot permissions
- Prev by Date: Finding wich files a writen to
- Next by Date: Re: Finding wich files a writen to
- Previous by thread: apache docroot permissions
- Next by thread: Re: apache docroot permissions
- Index(es):
 |