[CentOS] apache docroot permissions
Kenneth Porter
shiva at sewingwitch.com
Wed May 4 17:58:24 UTC 2011
User apache only needs read access except under special conditions, such as
a script that needs to store configuration in a file. And a lot of apps
store their state in a DB so they don't need filesystem write access at
all.
Set the permissions as strict as possible, so that if an attacker finds a
bug in apache, he does as little damage as possible.
More information about the CentOS
mailing list