On Tue, 4 Mar 2008 12:18:56 -0800 (PST) Hiep Nguyen <hiep at ee.ucr.edu> took out a #2 pencil and scribbled: > hi again, > > [root at dev ~]# ls -all /var/www/ > total 64 > drwxr-xr-x 8 root root 4096 Mar 3 11:44 . > drwxr-xr-x 21 root root 4096 Mar 3 11:44 .. > drwxr-xr-x 2 root root 4096 Jan 15 20:36 cgi-bin > drwxr-xr-x 3 root root 4096 Mar 3 11:43 error > drwxr-xr-x 2 root root 4096 Jan 15 20:36 html > drwxr-xr-x 3 root root 4096 Mar 3 11:44 icons > drwxr-xr-x 14 root root 4096 Mar 3 11:44 manual > drwxr-xr-x 2 webalizer root 4096 Mar 3 11:44 usage > > currently, html is belonging to root group/owner and httpd is > running under apache user/group. > > what should i change html to, so that httpd can run safely under > apache user/group??? > > or should i change httpd to run under a different user/group??? > > if i keep httpd running on apache user/group, should i change > html to apache group/owner??? > > thank you for all your help. > t. hiep You do not need to change the user and group. The default groups are fine, apache should be able to traverse the directories and read them; thus, serve them up without a problem. So long as apache has permission to read the contents (correct permissions) you do not have to change the user/group to be specific to apache. I would refrain from making anything writable (unless necessar) by apache anyhow. Just for the sake of security. Sincerely, Alex White -- ethericalzen at gmail.com Life is a prison, death is a release