Le dimanche 27 juin 2010, glaskoncILLa a écrit : > Application has authentication over htpasswd defined in installation > process, so is it ok to give full permission for everyone on that > directory which is placed in /usr/share/PACKAGE? I think 777 permissions are not needed, and are really too much. Keep in mind that the server where this package is installed may have Unix account or normal users, and that allowing them to read a webapp's data, or worse, to write to it, should only be the admin's choice. I do not see why 777 would be needed, is not 700 www-data:root enough? In addition, the prefix /usr is, as I understand it, to be used for packages only, and neither the admin nor the users should ever directly modify files in it. Variable data should go to somewhere under /var. > Or is it better to give standard permissions and put note about it in > DEBIAN.readme? It is better that a 777, sure. But could you describe the exact needs you have for your package? As you describe it, it seems it can use some uploaded code files, like dokuwiki, which package I maintain, can use plugins uploaded through its web interface. If it is the case, I can describe the solution I chose, to respect the FHS and the policy as possible. -- Tanguy Ortolo
Attachment:
signature.asc
Description: Digital signature