Re: OT?:Proper owner of html files in Apache

To: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
Subject: Re: OT?:Proper owner of html files in Apache
From: Nathan E Norman <nnorman@micromuse.com>
Date: Tue, 24 Jul 2001 14:04:40 -0500
Message-id: <[🔎] 20010724140440.H26891@micromuse.com>
Mail-followup-to: "debian-user@lists.debian.org" <debian-user@lists.debian.org>
In-reply-to: <[🔎] 3B5DC4E2.4EFD3437@mindspring.com>
References: <[🔎] 20010725033346.A3325@broken.wedontsleep.org> <[🔎] 3B5DC4E2.4EFD3437@mindspring.com>

On Tue, Jul 24, 2001 at 02:56:34PM -0400, Ken Januski wrote:
> Steve,
> 
> I guess I'm wondering if there's a good reason for a default of
> root.root. I prefer to work as root as little as possible so hate to
> become root in order to write any pages.
> 
> Do you think www-data.www-data makes more sense? Do you know of a reason
> it's not www-data.www-data to begin with?

www-data:www-data is an astoundingly bad idea since apache runs as
www-data:www-data.  IOW, apache would be able to write to the files
(unless of course you chmod u-w the files (but why?))

This gets even worse when you think about cgi scripts.

Cheers,

-- 
Nathan Norman - Staff Engineer | A good plan today is better
Micromuse Ltd.                 | than a perfect plan tomorrow.
mailto:nnorman@micromuse.com   |   -- Patton

Attachment: pgp4SJvW4sF6x.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Re: OT?:Proper owner of html files in Apache
  - From: Ken Januski <kenjanuski@mindspring.com>

References:
- Re: OT?:Proper owner of html files in Apache
  - From: Steve Kowalik <stevenk@hasnolife.com>
- Re: OT?:Proper owner of html files in Apache
  - From: Ken Januski <kenjanuski@mindspring.com>

Prev by Date: Re: MySQL question
Next by Date: Re: AC97 sound with devfs and 2.4.6
Previous by thread: Re: OT?:Proper owner of html files in Apache
Next by thread: Re: OT?:Proper owner of html files in Apache
Index(es):
- Date
- Thread