[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Home dir Permissions

On 12 Feb 1998, William R. Ward wrote:

> One comment about permissions: Web files do *NOT* have to be world
> readable.  They just have to be readable by the web server.  If you
> set up a user and group for your web server (I use www for both) you
> can get by with just having the files be group-readable by the
> webserver's group (and not all the other users on the system).

I missed the beginning of this thread, but why forbid local users from
viewing files that you let any user outside of your system view?  Most
people I know concerned with security in their directories remove the read
permissions on directories so anyone can get to the file, but only if they
know the name.  Note, this isn't a high level of security, just another
thing to do.  I don't see any reason to add users to more groups.


Brandon Mitchell <bhmit1@mail.wm.edu>   "We all know linux is great... it
PGP: finger -l bhmit1@cs.wm.edu          does infinite loops in 5 seconds"
Phone: (757) 221-4847                      --Linus Torvalds

TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to: