[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: allowing a "normal" user to work efficiently



Rob Weir wrote:
On Tue, Oct 21, 2003 at 09:48:33AM -0400, Roberto Sanchez said

Benedict Verheyen wrote:

Hi,

i'm wondering what the best method is of allowing a normal user account to
do stuff like writing cd's, accessing local webpages (/var/www) and so on.
There are a couple of methods like:

1. Making a group, put the user in that group and set that group as owner
of say /var/www or another dir where you want to user to have access too.


Add the user to the www-data group.  On Debian, the www-data group is
the default owner of files in www-data.  Just make sure to do a
chmod -R g+w /var/www/, or they won't have write access.


Nooooooooooooooooooooooooooooooooooooooooooooooooooooooooo!  Files in
there are explicitly root.root, so that if apache gets cracked, the
cracker still can't modify your web site.  Create a "www-users" group or
something and chown the files to it and add people to that group.


Sorry, on my machine, apache runs as apache.apache, so that it
is a different UID.GID from www-data.www-data.  My bad.

-Roberto

Attachment: pgpT4wKpL05lc.pgp
Description: PGP signature


Reply to: