On Wed, Jul 04, 2007 at 11:36:06AM -0700, bruce wrote: > andrew... > > are you sure about this... i would have thought that if you have an apache > user 'apache' and allow php to be run as/by 'apache' than this would provide > complete access to anything php needs to do as 'apache'. > > this should definitely work if you allow the 'group' for the apache err log > files be accessed by this user... > > so.. i ask again.. are you sure about this.. > Hi all... the only owner with write permissions of the logs is root! I mean the standard configuration for the apache webserver. Read permissions for groups for the apache logs can be different per distribution. You can configure your environment for the PHP processes to log in seperate files. If you allow write access for the 'group' you open the door wide for hackers. greetings Mario -- ----------------------------------------------------- | havelsoft.com - Ihr Service Partner für Open Source | | Tel: 033876-21 966 | | Notruf: 0173-277 33 60 | | http://www.havelsoft.com | | | | Inhaber: Mario Günterberg | | Mützlitzer Strasse 19 | | 14715 Märkisch Luch | -----------------------------------------------------
Attachment:
pgpcKfhJ3CqPE.pgp
Description: PGP signature
