On Tue, 2007-02-20 at 16:03 +0200, Dotan Cohen wrote: > I've got rootDirectory as /home/user/public_html/, not /var/www. > Apache is in the group user. I've got group permission as read only. You don't need to have Apache as any sort of user or group. You're quite okay to be the owner and group-owner of the files. The "other" user permissions are appropriate ones for letting Apache read files. I do keep forgetting to mention you have to set parent directory permissions, as well, with at least enough permissions for Apache to read from homespaces. For example: drwx-----x root root /home drwx-----x tim tim /home/tim/ drwx---r-x tim tim /home/tim/public_html/ drwx---r-- tim tim /home/tim/public_html/homepage.html drwx---r-x tim tim /home/tim/public_html/images/ drwx---r-- tim tim /home/tim/public_html/images/picture.jpeg > This way, I can log in as user and modify the files, but apache can > only read them. Does anybody see anything dangereous here? I figured > that this was the safest way to do it. Probably not, on the face of it, but it's still unusual, and you'd have to remember to go around chowning things. -- (This PC runs FC4, my others FC5 & FC6, in case that's important to the thread) Don't send private replies to my address, the mailbox is ignored. I read messages from the public lists.
