On 21/02/07, Tim <ignored_mailbox@xxxxxxxxxxxx> wrote:
On Tue, 2007-02-20 at 16:03 +0200, Dotan Cohen wrote: > I've got rootDirectory as /home/user/public_html/, not /var/www. > Apache is in the group user. I've got group permission as read only. You don't need to have Apache as any sort of user or group. You're quite okay to be the owner and group-owner of the files. The "other" user permissions are appropriate ones for letting Apache read files. I do keep forgetting to mention you have to set parent directory permissions, as well, with at least enough permissions for Apache to read from homespaces. For example: drwx-----x root root /home drwx-----x tim tim /home/tim/ drwx---r-x tim tim /home/tim/public_html/ drwx---r-- tim tim /home/tim/public_html/homepage.html drwx---r-x tim tim /home/tim/public_html/images/ drwx---r-- tim tim /home/tim/public_html/images/picture.jpeg > This way, I can log in as user and modify the files, but apache can > only read them. Does anybody see anything dangereous here? I figured > that this was the safest way to do it. Probably not, on the face of it, but it's still unusual, and you'd have to remember to go around chowning things.
I don't chown anything. Apache is in the group "user" (which is the name of my user). Dotan Cohen http://essentialinux.com/locale.php http://bybon.com
