[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: exploring debian's users and groups

On Sat, 11 Aug 2001 15:20:23 -0800, Ethan Benson <erbenson@alaska.net>
wrote:
>On Sun, Aug 12, 2001 at 12:16:54AM +0200, Marc Haber wrote:
>> So, on a site with a lot of virtual hosts, one should create a
>> users/groups www to own the files, that need to be world-readable for
>> the http server to read them? The ftp daemon that is used to upload
>> would need to run as www then, right?
>
>no, you create a user www-daemon (which is what www-data SHOULD be
>called...) and it owns the web server PROCESS, it does not own any
>files.

That would be a deviation from the Debian way, but it sounds sensible.

>the site files are owned by whoever created them and are world
>readable (so the www-daemon user can read them).  
>
>you might create a group html or something that has write permission
>to site directories/files, users allowed to make changes to the site
>would be a member of this group then, but the www-daemon user would
>NOT and should not be a member.

The ftp daemon would then run as www-data?

Greetings
Marc

-- 
-------------------------------------- !! No courtesy copies, please !! -----
Marc Haber          |   " Questions are the         | Mailadresse im Header
Karlsruhe, Germany  |     Beginning of Wisdom "     | Fon: *49 721 966 32 15
Nordisch by Nature  | Lt. Worf, TNG "Rightful Heir" | Fax: *49 721 966 31 29
Reply to: