On Tue, 4 Mar 2008 12:18:56 -0800 (PST) Hiep Nguyen hiep@ee.ucr.edu took out a #2 pencil and scribbled:

hi again,

[root@dev ~]# ls -all /var/www/ total 64 drwxr-xr-x 8 root root 4096 Mar 3 11:44 . drwxr-xr-x 21 root root 4096 Mar 3 11:44 .. drwxr-xr-x 2 root root 4096 Jan 15 20:36 cgi-bin drwxr-xr-x 3 root root 4096 Mar 3 11:43 error drwxr-xr-x 2 root root 4096 Jan 15 20:36 html drwxr-xr-x 3 root root 4096 Mar 3 11:44 icons drwxr-xr-x 14 root root 4096 Mar 3 11:44 manual drwxr-xr-x 2 webalizer root 4096 Mar 3 11:44 usage

currently, html is belonging to root group/owner and httpd is running under apache user/group.

what should i change html to, so that httpd can run safely under apache user/group???

or should i change httpd to run under a different user/group???

if i keep httpd running on apache user/group, should i change html to apache group/owner???

thank you for all your help. t. hiep

You do not need to change the user and group. The default groups are fine, apache should be able to traverse the directories and read them; thus, serve them up without a problem.

So long as apache has permission to read the contents (correct permissions) you do not have to change the user/group to be specific to apache.

I would refrain from making anything writable (unless necessar) by apache anyhow. Just for the sake of security.

Sincerely,

Alex White