Re: User rights to update /var/www/

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Tim:

>> Do pay heed to someone's prior warning about giving users the same group
>> as the apache software, it's a security risk (accidents as well as
>> malicious activity).  Better to make a separate webmasters group for the
>> files that'll be served, and the authors.
 

James Pifer:

> Well, how do you do this? Right now root is the owner of the files and
> apache is the group assignment. How do I give others rights to update
> the files in a safe manner?

man chown

Think about how you're going to do this, and apply it to directories and
files, starting at /var/www/html.  You could leave root as the owner,
make authors the group, add everyone who's an author to the author group
(webmasters is a long word, and makes listing directories a bit
messier).

Something as simple as:  chown -R root:authors /var/www/html/*

You may need to do a separate non-recursive one for the "html"
directory.

e.g. chown root:authors /var/www/html

And ensure that owners and the group can read and write files, other
users can only read files.

e.g. chmod -R o+rw,g+rw,o-w /var/www/html/*

Likewise, you may need to do a separate non-recursive one for the "html"
directory.

e.g. chmod o=rwx,g=rwx,o=wx /var/www/html

(Remember executable permissions are needed for directories, but usually
not wanted for web servable files.)

-- 
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux