[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Permission Help(deny others, allow group & Apache+Samba)

Anthony Hawkes wrote:
Roberto C. Sanchez wrote:
On Thu, Aug 17, 2006 at 03:10:05PM +0100, Jon Dowland wrote:
At 1155837967 past the epoch, Anthony Hawkes wrote:
I am not sure which users to add to group folder and what
to modify to fix this problem up, I have googled my heart
out and cannot figure this out can anyone give me some
Apache2 runs as "www-data"; you would have to add www-data
to the group which has access to this folder and restart
apache. Note however that this means any script on the
server that has a flaw in it might be exploited to read or
write to this directory.

If you need more fine-grained access control for web
applications, take a look at the SELinux ACLs.

SELinux ACLs might be overkill for this.  Standard ext2/ext3 or xfs ACLs
would probably do the trick.  He could even set something up to monitor
the directory tree for new files or directories and then have it update
the ACLs.



What about the issue with Samba, I will google the above, I did however try adding the group www-data to the folder group but didn't restart, i'm assuming since you've said this that a restart of the apache2 server is required for the changes to take affect?

Reply to: