On 02/21/2011 12:33 PM, Andrei Popescu wrote:
On Du, 20 feb 11, 22:22:05, David Christensen wrote:
2. The rewrite log is empty and owned by root:
$ ll apache-sandbox/log/rewrite.log -rw-r--r-- 1 root root 0 Feb 20
21:57 apache-sandbox/log/rewrite.log
Why is that a problem? Hint: the third 'r' means the log is readable by
anyone ;)
I'm designing a Linux/ Apache/ MySQL/ Perl content management system.
Apache typically runs as an unpriviledged user (www-data on Debian). So,
neither my software nor the user will be able to rotate or delete the logs.