On Fri, 31 Oct 2008, Camron W. Fox wrote:
[Our customer has] asked, that we change the default directory
permission/ownership of /var/www/html,cgi-bin, instead of using the
Documentroot and ScriptAlias parameters in the apache configuration.
drwxr-xr-x 2 root root 4096 Jan 11 2008 /var/www/cgi-bin
drwxr-xr-x 2 root root 4096 Jan 11 2008 /var/www/html
to
drwxrwxr-x 2 root user 4096 Jan 11 2008 /var/www/cgi-bin
drwxrwxr-x 2 root user 4096 Jan 11 2008 /var/www/html
We have explained that it is preferable *not* to modify the default
filesystem configuration of the underlying OS and have recommended
that they customize the app by specifying a location of their choice
in httpd.conf. They argue that they "just want to use the system
default location". There is no *technical* reason for this,
according to them. The location does not affect the app.
None of the other web servers we manage for them use the RHEL apache
default, they all have customized locations for content and scripts.
My question is:
What argument, if any, would you use to try and convince the
customer that this is a bad idea/bad practice?
Updates to the httpd package will overwrite those permissions, so
there will need to be a cron job (or very vigilent SA) that monitors
those perms, re-customizing them as necessary.
Otherwise, what they're asking isn't all that unusual, imo.
--
Paul Heinlein <> heinlein@xxxxxxxxxx <> http://www.madboa.com/
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
