On 02/21/2011 01:57 PM, Stefan Fritsch wrote:
Apache opens the logs as root before changing user. This is intentional and makes sense from a security point of view.
Thank you for the prompt response. :-)I'm designing a Linux/ Apache/ MySQL/ Perl content management system that I'd like to work in shared hosting environments (among other configurations). Apache typically runs as an unpriviledged user (www-data on Debian, suexec, others?). So, neither my software nor the user will be able to rotate or delete the logs.
What is the correct solution? David