Re: Making files readable for the webserver
On Thu, Jul 26, 2001 at 02:47:51PM +1000, Martijn van Oosterhout wrote:
> On Thu, Jul 26, 2001 at 06:28:52AM +0200, Simon Richter wrote:
> > Hi,
> >
> > I have a package (uprecords-cgi) which has some config files that need to
> > be readable for the webserver (specifically, for a CGI script). Is there
> > any definition how the permissions should look like (644 root.root, 640
> > root.www-data, ...)?
>
> Unless there is security sensetive data in there, I'd suggest 644. Config
> files that are not world readable are quite annoying.
>
> As for the group, I figured that the www-data group was mostly for the
> actual files being served rather than the files used by the webserver.
Unfortunately, the www-data user/group are misnamed. Web servers and CGI
scripts typically run as www-data.www-data, and so actual "WWW data" should not
be owned by this user, and should at most be readable by the group.
--
- mdz
Reply to: