Tim wrote:
On Tue, 2007-02-20 at 20:14 -0500, Jim Cornette wrote:
Isn't apache limited on what it can access, even more than a regular
user?
Yes, by SELinux. You need to use appropriate contexts for files to be
served by Apache, or disable SELinux protection on the web server. I'd
only do that if you were only locally serving files for testing.
I would want to have protection from SELinux if the site ever was used
for Internet or Intranet usage. I have seen infiltration attempts toward
Windows computers on out Intranet so trust would not be possible with
open services.
I'll have to read up on the most secure way to setup the files being
served out. I believe I hit on suggestions on google searches concerning
the issues. One was from a Rich, who may be the same person as
previously responded and is in agreement with your suggestions. (Setup
document web admin and separate script web admin groups for maintaining
the files).
Thanks!
Jim
