Re: /var/lib/apache/mod-bandwidth world-writable [forwarded]
Hi,
On 04 Feb 2004, Fabio Massimo Di Nitto <fabbione@fabbione.net> wrote:
> >From mod-bandwith source/documentation:
>
> * 3) Create the following directories with "rwx" permission to everybody :
> * /tmp/apachebw
> * /tmp/apachebw/link
> * /tmp/apachebw/master
Thanks for pointing me to the source documentation. But I do not get it at
all. Could you please explain why rwx permissions are needed for any user?
Why isn't a 770 on www-data sufficient? The only reason I can come up with
is an suexec-enabled apache, but that is as far as I know not the default
in debian.
I'd prefer a more sane default on the write permissions of those
directories. If 777 permissions are really necessary in some cases, this
should be added to the mod_bandwidth documentation.
If you are not sure under what circumstances 777 permissions are required,
I'd be willing to investigate further.
Thanx
Philipp
--
Philipp Weis pweis@pweis.com
Freiburg, Germany http://pweis.com/
Reply to: