|
Le 23/03/2016 21:05, tomas@tuxteam.de a
écrit :
OK. I've changed the folders groups owner to www-data with r-x permissions. Only the owner have rwx permissions and it works well when I upload a file from a web site.-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On Wed, Mar 23, 2016 at 04:40:57PM +0100, Olivier Desport wrote:It's true that Apache is running under www-data group on Jessie :[...]But on Wheezy, Apache is running under root, so I don't have to give execute access to the folder :[...] But that's what I am saying: just chgrp the folder to www-data; I asume that the perms are 0750 -- voilà. The group *has* the necessary w+x access. You don't have to give that to *all*. You're right.By the way -- running Apache under root seems a bad idea. The least security issue gives a potential attacker root! I can't imagine that this was the default in Wheezy (actually I'm pretty sure it wasn't). regards - -- t -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iEYEARECAAYFAlby9xwACgkQBcgs9XrR2kbZNACdGol+oXiyWReIeHlafhG8tA4+ pIkAnAxZHR5zU8lM0ZcAR6NGdh5QgGcc =OVq7 -----END PGP SIGNATURE----- |