[CentOS] Using Samba to share Apache web root, securely
John R Pierce
pierce at hogranch.com
Tue Aug 9 17:55:15 UTC 2011
On 08/09/11 6:33 AM, m.roth at 5-cent.us wrote:
> What I've done, where developers, for example, need to put updated pages
> in, is to have the directories owned by apache/httpd, but the*group* that
> they belong to, and make it group writeable.
you don't actually want apache/http to own ANY of the web content, it
should all be read only from the webserver's perspective. this way if
the web server gets hacked, it can't be used to upload hostile content.
--
john r pierce N 37, W 122
santa cruz ca mid-left coast
More information about the CentOS
mailing list