Re: Using Samba to share Apache web root, securely

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] 

On Tue, 2011-08-09 at 23:03 +0200, Leonard den Ottolander wrote:
> Hello Craig,
> 
> On Tue, 2011-08-09 at 08:44 -0700, Craig White wrote:
> > I'm quite sure that if all the files are owned by the 'department_a'
> > group and 'readable' by user apache as I have indicated,
> 
> > - create mask 664 & directory mask 775
> 
> Perhaps I should have made explicit in my post that I wouldn't recommend
> such file permissions. Apache accessing files with world permissions is
> ugly and it makes it impossible to run f.e. php with safe_mode or have
> apache write files other than by allowing the world write access. Which
> is why I described that setup with a shared group.
----
please explain to me how the above octal permissions with user root &
group department_a translate to giving apache write access or even world
write access.

For that matter, please explain how if any html directory served by
apache (runs as user/group apache/apache)...

user/group root/department_group
files 0664
directories 1775

are in any way vulnerable to world write access or otherwise represent
an insecure configuration because I want to learn.

I think this is reasonably secure configuration.

Craig

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux