On Sun, Jun 27, 2010 at 09:05:30PM +0200, Tanguy Ortolo wrote: > I think 777 permissions are not needed, and are really too much. Keep in > mind that the server where this package is installed may have Unix > account or normal users, and that allowing them to read a webapp's data, > or worse, to write to it, should only be the admin's choice. > > I do not see why 777 would be needed, is not 700 www-data:root enough? > > In addition, the prefix /usr is, as I understand it, to be used for > packages only, and neither the admin nor the users should ever directly > modify files in it. Variable data should go to somewhere under /var. ack on both of this. depending on the context, permissions like described above and a subdirectory like /var/lib/<pkg>/uploads assuming you need the data to hang around permanently and otherwise s,lib,cache,. sean --
Attachment:
signature.asc
Description: Digital signature