On Thu, Aug 17, 2006 at 03:10:05PM +0100, Jon Dowland wrote:
At 1155837967 past the epoch, Anthony Hawkes wrote:
I am not sure which users to add to group folder and what
to modify to fix this problem up, I have googled my heart
out and cannot figure this out can anyone give me some
Apache2 runs as "www-data"; you would have to add www-data
to the group which has access to this folder and restart
apache. Note however that this means any script on the
server that has a flaw in it might be exploited to read or
write to this directory.
If you need more fine-grained access control for web
applications, take a look at the SELinux ACLs.
SELinux ACLs might be overkill for this. Standard ext2/ext3 or xfs ACLs
would probably do the trick. He could even set something up to monitor
the directory tree for new files or directories and then have it update