On Wed, May 4, 2011 at 12:58 PM, Kenneth Porter <shiva@xxxxxxxxxxxxxxx> wrote:
User apache only needs read access except under special conditions, such as
a script that needs to store configuration in a file. And a lot of apps
store their state in a DB so they don't need filesystem write access at
all.
Set the permissions as strict as possible, so that if an attacker finds a
bug in apache, he does as little damage as possible.
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
Thanks for the suggestions Richard and Kenneth. I installed drupal here and it requires user running apache to have write access on filesystem. Otherwise it complains: 'The directory sites/default/files is not writable'. The content editors/developers need write access to theme/pictures folders. So it seems like I can't avoid giving write access to apache user. Any hacks or tips here?
jM.
_______________________________________________ CentOS mailing list CentOS@xxxxxxxxxx http://lists.centos.org/mailman/listinfo/centos
