Re: Debian Wheezy Compromised - www-data user is sending 1000 emails an hour



Jerry Stuckle wrote:
> Bob Proulx wrote:
> > The default for phpmyadmin is that the files are owned by root not
> > www-data.  If they were owned by www-data then they would be unsafe.
> > (If, and this is a hypothetical if, you told me the files were owned
> > by a special phpmyadmin-data account, then I would say okay too.
> > Because that is a different user from the www-data user.)
> 
> They also should never have to be changed by the user (except for
> the config file).  But I suspect the real reason is because there is
> no standard user which would be a good one to use.  You obviously

One would need to be created for it to exist.  But why?  One isn't needed.

> wouldn't want to use www-data, for reasons previously mentioned.
> bin, sys, man and other standard ids aren't appropriate.  There may
> or may not be user ids (there should be, but they are not required,
> AFAIK).  And if you do have multiple userids, which one would be
> appropriate?
> 
> By default, root is the selection.

And root is perfectly satisfactory for this purpose.

> But then we weren't talking about phpmyadmin.  We were talking about
> user files.

I know *you* keep talking about user created files.  We established
that in another conversation.  But *other* people keep talking about
*all* files.  "All" includes user created files. But all also includes
any other possible file too.

When you say that users should work as their own non-root account I
fully agree with you that working as non-root is a safer best-practice
to follow.

But when others say that there should never be a root owned file (user
created or otherwise) then that is clearly wrong.  That is where I was
objecting.

> > Unfortunately others like it to be all of viewed from the web,
> > installed from the web, upgraded from the web, managed from the web.
> > And there lies the problem.
> 
> Yes, it is.  I use Drupal 7 on some of my sites; when I want to
> update from the web, I find it a simple matter to place the site in
> maintenance mode, ssh into it, and chown -R to www-data on the
> directory, update via the web, then chown -R back to the original
> id.  A couple of extra steps, but worth the security.

That is a good strategy.  It takes the extra care to avoid the
problem.  It keeps the OS security layer up while the site is online.
I like it.  But I think very few people actually take the time and
effort to actually do this.  At least from the evidence of the large
number of cracked sites on the web.  You may be one of the few that is
making the effort to avoid it.

Bob
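
An ownership audit for the point argued in the message above, added here as an example and not part of either poster's message: it lists every path under a web root that the web server account could modify. The function name `audit_webroot` and the `/var/www` path in the usage comment are assumptions.

```shell
#!/bin/sh
# audit_webroot DIR [WEBUSER] [WEBGROUP]
# Lists paths under DIR that a process running as the web server account
# could modify. WEBUSER/WEBGROUP default to Debian's www-data; names or
# numeric ids are accepted. The function name is hypothetical.
audit_webroot() {
    dir=$1
    webuser=${2:-www-data}
    webgroup=${3:-www-data}
    # Symlinks are skipped: their own mode bits are not enforced.
    #   -user          owned by the web account (the owner can always chmod
    #                  the file writable again, so the mode does not matter)
    #   -group + 020   group-writable by the web account's group
    #   -perm -002     world-writable
    find "$dir" ! -type l \( \
        -user "$webuser" \
        -o \( -group "$webgroup" -perm -020 \) \
        -o -perm -002 \
    \) -print
}

# Example (path is an assumption): audit_webroot /var/www
```

Empty output after the `chown -R` back to the original id means nothing in the tree was left owned or writable by www-data.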
