[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

webapps running as plain user instead of www-data ?

webapps-common draft states in 3.2.1 [0] that config files
modifiable by the application must belong to www-data group.

Since now it's easy (with e.g. spawn-fcgi) to setup fastcgi
backends as a plain user, web apps don't have to be run as

Potential benefits :
- one application can't access sensible files of another
  application running as www-data.
- provides an easy way to limit resource usage by
  each web app, since it's bound to one user.

Along these lines, i wonder if a common scheme for user naming
could be defined (something like www-data-mywebapp).

Any opinions about that ?

Jérémy Lal


Reply to: