File Permissions
Jim Cornette
fc-cornette at insight.rr.com
Wed Feb 21 11:36:06 UTC 2007
Tim wrote:
> On Tue, 2007-02-20 at 20:14 -0500, Jim Cornette wrote:
>> Isn't apache limited on what it can access, even more than a regular
>> user?
>
> Yes, by SELinux. You need to use appropriate contexts for files to be
> served by Apache, or disable SELinux protection on the web server. I'd
> only do that if you were only locally serving files for testing.
>
I would want to have protection from SELinux if the site ever was used
for Internet or Intranet usage. I have seen infiltration attempts toward
Windows computers on out Intranet so trust would not be possible with
open services.
I'll have to read up on the most secure way to setup the files being
served out. I believe I hit on suggestions on google searches concerning
the issues. One was from a Rich, who may be the same person as
previously responded and is in agreement with your suggestions. (Setup
document web admin and separate script web admin groups for maintaining
the files).
Thanks!
Jim
More information about the users
mailing list