Dotan Cohen wrote:
The website I have is just used on a network which only I am the only
user for running tests. Funny I know for the purpose of a website to
serve many users.
That's what I'm doing as well. I imagine that for a good portion of
the live websites on the internet today there are non-public testing
versions of the sites, just like what you are doing.
Basically, I have the site setup to assure that if my file content was
transferred to a website, it would work with the program. Currently the
program accesses files via a shared directory. The files with hyperlinks
are setup to work with either situation. (web location or share)
I could not read the files served up by apache, testing tomorrow.
I have apache as a group member. So long as the group member has
read-only access that's fine, right? Why should apache be 'other' if I
am expecting her to access the files?
From my brief reading, apache needs to be able to read and execute
privileges so it can serve the files. I would not think the group of
apache needs changed from the default setup. I need to read up much more
on how to setup the files being served and maintaining the distribution
of files to the server.
Isn't apache limited on what it can access, even more than a regular
user?
Like Tim said, only SELinux pays special attention to Apache. As far
as the kernel is concerned, apache is just another user, as if grandma
had an account on the machine. I actually have SELinux disabled, as
I've found it too cumbersome at my skill level for a
privately-accessed box. However, for a public box you should use it.
I agree! You cannot assume others are trustworthy even with only
Intranet conditions.
Jim
Dotan Cohen
--
If society fits you comfortably enough, you call it freedom.
-- Robert Frost
