On Wed, May 4, 2011 at 12:58 PM, Kenneth Porter <shiva at sewingwitch.com>wrote: > User apache only needs read access except under special conditions, such as > a script that needs to store configuration in a file. And a lot of apps > store their state in a DB so they don't need filesystem write access at > all. > > Set the permissions as strict as possible, so that if an attacker finds a > bug in apache, he does as little damage as possible. > _______________________________________________ > CentOS mailing list > CentOS at centos.org > http://lists.centos.org/mailman/listinfo/centos > Thanks for the suggestions Richard and Kenneth. I installed drupal here and it requires user running apache to have write access on filesystem. Otherwise it complains: 'The directory sites/default/files is not writable'. The content editors/developers need write access to theme/pictures folders. So it seems like I can't avoid giving write access to apache user. Any hacks or tips here? jM. -------------- next part -------------- An HTML attachment was scrubbed... URL: <http://lists.centos.org/pipermail/centos/attachments/20110504/f9d488c8/attachment-0005.html>