File Permissions
Dotan Cohen
dotancohen at gmail.com
Wed Feb 21 16:40:05 UTC 2007
On 21/02/07, Tim <ignored_mailbox at yahoo.com.au> wrote:
> On Tue, 2007-02-20 at 16:03 +0200, Dotan Cohen wrote:
> > I've got rootDirectory as /home/user/public_html/, not /var/www.
> > Apache is in the group user. I've got group permission as read only.
>
> You don't need to have Apache as any sort of user or group. You're
> quite okay to be the owner and group-owner of the files. The "other"
> user permissions are appropriate ones for letting Apache read files.
>
> I do keep forgetting to mention you have to set parent directory
> permissions, as well, with at least enough permissions for Apache to
> read from homespaces. For example:
>
> drwx-----x root root /home
> drwx-----x tim tim /home/tim/
> drwx---r-x tim tim /home/tim/public_html/
> drwx---r-- tim tim /home/tim/public_html/homepage.html
> drwx---r-x tim tim /home/tim/public_html/images/
> drwx---r-- tim tim /home/tim/public_html/images/picture.jpeg
>
> > This way, I can log in as user and modify the files, but apache can
> > only read them. Does anybody see anything dangereous here? I figured
> > that this was the safest way to do it.
>
> Probably not, on the face of it, but it's still unusual, and you'd have
> to remember to go around chowning things.
>
I don't chown anything. Apache is in the group "user" (which is the
name of my user).
Dotan Cohen
http://essentialinux.com/locale.php
http://bybon.com
More information about the users
mailing list