[CentOS] Using Samba to share Apache web root, securely
Trey Dockendorf
treydock at gmail.comTue Aug 9 02:32:07 UTC 2011
- Previous message: [CentOS] Centos6 Migration glitch - ZFS-FUSE
- Next message: [CentOS] Using Samba to share Apache web root, securely
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
I'm setting up a shared web server running Apache. Each web root will belong to a department, which has a corresponding Active Directory group to give access. So far I've got samba working and such, but am having some trouble wrapping my head around the necessary permissions to make all this work, especially securely. So far I've found that both the POSIX and the ACL permissions must both allow a user to write to directory which is proving problematic. Is it better to give the web root directories very "loose" permissions and have Samba manage who can access the folders? A few options I've come across would have a user's logged in account mapped to the "apache" user through samba, using the "force user", but that seems like a security risk allowing users to be apache. Another option I currently have working is using a default ACL for apache to give the web server read of all the files. The problem I have with this is some directories require write and some files should have read only (like db config files), so again a global permission set doesn't seem to work. I'd be very interested in knowing how someone has solved a problem like this. Thanks - Trey -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110808/85eb1081/attachment.html>
- Previous message: [CentOS] Centos6 Migration glitch - ZFS-FUSE
- Next message: [CentOS] Using Samba to share Apache web root, securely
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list