installiing joomla
Tim
ignored_mailbox at yahoo.com.au
Fri Sep 13 11:47:09 UTC 2013
Allegedly, on or about 13 September 2013, Karol sent:
> Please set up permission to apache user, probably it will be chmod
> apache:apache /var/www/http
You should NOT change ownership of /var/www/http to Apache, never do
that. That's a VERY BAD THING!!!!!! Anyone who advises you to do that
is not to be trusted (whether it's because they're being malicious, or
simply that they don't know what they're talking about). That allows
anything that can access the webserver to be able to write to those
files. That's a major security risk. I you do not understand this,
then stop, and learn about it before continuing to do anything else.
Seriously! Stop, and do more research. I cannot emphasise it enough.
There are three permission groups for files, the individual owner of the
files, the group owner, and all other users. Only the actual user, or
author of the files, should be the owner of the files. Only they should
have write access to them. You can give a group write access, if you
had more than one user that needed it. The /other/ users permissions is
for everyone else, and they should only have read access.
The Apache webserver accesses files as the apache user, so on a properly
set up system, it only has read-only access to files, as the "other"
user. By default, the www directory is owned by root, so that whoever
is going to edit the files has to have sufficient authority to be able
to write there, or change permissions/ownership so that they can write
there in their own name (rather than root).
For those things that need write access to the files (such as web
blogging where the author will add to the blog by writing through the
webserver, or a plethora of other web services), then some other method
must be used than chowning them to apache.
--
[tim at localhost ~]$ uname -rsvp
Linux 3.9.10-100.fc17.x86_64 #1 SMP Sun Jul 14 01:31:27 UTC 2013 x86_64
All mail to my mailbox is automatically deleted, there is no point
trying to privately email me, I will only read messages posted to the
public lists.
George Orwell's '1984' was supposed to be a warning against tyranny, not
a set of instructions for supposedly democratic governments.
More information about the users
mailing list