Fedora Users — Re: apache security and file permission settings

Re: apache security and file permission settings

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: fedora-list@xxxxxxxxxx

Subject: Re: apache security and file permission settings

From: "Christopher K. Johnson" <ckjohnson@xxxxxxx>

Date: Sun, 04 Jan 2004 18:06:59 -0500

In-reply-to: <[email protected]>

References: <[email protected]>

Reply-to: fedora-list@xxxxxxxxxx

Sender: fedora-list-admin@xxxxxxxxxx

User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.4.1) Gecko/20031114

Technical wrote:

here are the permissions for my html directory:
drwxr-xr-x    2 root     root         4096 Dec 30 19:41 .
drwxr-xr-x    6 root     root         4096 Dec 25 14:00 ..
-rw-r--r--    1 root     root         1919 Dec 30 20:31 index.html
shouldn't the apache user and group own this directory??? I got my apache from the fedora rpm package

Typically not. It is sufficient that apache can read the content it serves, and for security in depth it is better if apache cannot modify the content.

--
-----------------------------------------------------------
  "Spend less!  Do more!  Go Open Source..." -- Dirigo.net
  Chris Johnson, RHCE #807000448202021