[CentOS] apache docroot permissions
Johan Martinez
jmartiee at gmail.com
Wed May 4 19:49:52 UTC 2011
On Wed, May 4, 2011 at 12:58 PM, Kenneth Porter <shiva at sewingwitch.com>wrote:
> User apache only needs read access except under special conditions, such as
> a script that needs to store configuration in a file. And a lot of apps
> store their state in a DB so they don't need filesystem write access at
> all.
>
> Set the permissions as strict as possible, so that if an attacker finds a
> bug in apache, he does as little damage as possible.
> _______________________________________________
> CentOS mailing list
> CentOS at centos.org
> http://lists.centos.org/mailman/listinfo/centos
>
Thanks for the suggestions Richard and Kenneth. I installed drupal here and
it requires user running apache to have write access on filesystem.
Otherwise it complains: 'The directory sites/default/files is not writable'.
The content editors/developers need write access to theme/pictures folders.
So it seems like I can't avoid giving write access to apache user. Any hacks
or tips here?
jM.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.centos.org/pipermail/centos/attachments/20110504/f9d488c8/attachment.html>
More information about the CentOS
mailing list