On Jun 21, 2011, at 8:30 AM, m.roth@xxxxxxxxx wrote:
> John Hodrien wrote:
>> On Tue, 21 Jun 2011, Todd Cary wrote:
> <snip>
>>> My /var/www/html files have been manually set by me to
>>> apache/apache 774. This allows my PHP applications to access the
>>> files, and I assume this is a "good" setting.
>>>
>>> Now, my server is connected via Samba to my desktop. If I create
>>> a file, it is todd/todd 744, so Apache cannot access them.
>>>
>>> If PHP (Apache) creates or modifies a file, it is apache/apache
>>> 755, so I cannot access them (Write/Delete).
> <snip>
>> Either have a group that you're both a member of and have a SGID bit set
>> on the relevent directories using that gruop, or look at ACLs.
>
> To expand on John's cmts. I'd make you a member of the apache group -
> that's usermod -G apache todd, making it a secondary group, *not* your
> personal primary group.
----
this is what I would do but the apache group would necessarily have write permissions to the directory & files you want to edit.
I would however recommend that all other directories NOT have group write permissions or better yet, be owned by someone else (possibly root:root) as a means of security.
Craig
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
