Re: OT?:Proper owner of html files in Apache
What I'm trying to find out is if root.root is a good idea? I assume it
is or it wouldn't be the default. It just seems odd to me to have to
become root in order to write either a html or cgi page.
Nathan E Norman wrote:
>
> On Tue, Jul 24, 2001 at 02:56:34PM -0400, Ken Januski wrote:
> > Steve,
> >
> > I guess I'm wondering if there's a good reason for a default of
> > root.root. I prefer to work as root as little as possible so hate to
> > become root in order to write any pages.
> >
> > Do you think www-data.www-data makes more sense? Do you know of a reason
> > it's not www-data.www-data to begin with?
>
> www-data:www-data is an astoundingly bad idea since apache runs as
> www-data:www-data. IOW, apache would be able to write to the files
> (unless of course you chmod u-w the files (but why?))
>
> This gets even worse when you think about cgi scripts.
>
> Cheers,
>
> --
> Nathan Norman - Staff Engineer | A good plan today is better
> Micromuse Ltd. | than a perfect plan tomorrow.
> mailto:nnorman@micromuse.com | -- Patton
>
> ------------------------------------------------------------------------
> Part 1.2Type: application/pgp-signature
Reply to: