Re: apache permission users
On Mon, 20 May 2013, Tony Baldwin wrote:
[snip]
> and add the server (www-data) to their group, 775 stuff. I don't know if
> it's the best practice,
[snip]
The www-data user and group should be left alone. They are there for
privilege separation of the web server by providing an unprivileged
account for the daemon. It would make the server a lot less secure if
either were to be given write access to the same directories and files
that it is serving. That would defeat the purpose of www-data. If you
need another group for the users to share, create one just for that
purpose and use it instead.
Regards,
/Lars
Reply to: