[CentOS] Using Samba to share Apache web root, securely
Leonard den Ottolander
leonard at den.ottolander.nl
Tue Aug 9 06:31:20 UTC 2011
On Mon, 2011-08-08 at 19:52 -0700, Craig White wrote:
> mkdir /var/www/html/department_a
> chown root:department_a /var/www/html/department_a
> chmod g+ws /var/www/html/department_a
In which case you probably want to add apache to the department_a group.
And all users accessing that share of course, although the sgid will
always set the gid correctly, assuming the user can actually write there
which is easier to accomplish if they share that group.
There's probably a way to add apache to that group with a configuration
on the local machine so it doesn't have to query your ADS/NMB server.
Not sure about the details but the docs at http://samba.org/samba/docs/
are invaluable.
And if you use php applications with safe mode you need
php_admin_value safe_mode_gid on
so apache accesses them on gid not uid.
Regards,
Leonard.
--
mount -t life -o ro /dev/dna /genetic/research
More information about the CentOS
mailing list