[CentOS] Apache and web content permissions
Leon Fauster
leonfauster at googlemail.comSun Dec 3 00:14:24 UTC 2017
- Previous message: [CentOS] Apache and web content permissions
- Next message: [CentOS] Apache and web content permissions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
> Am 02.12.2017 um 22:14 schrieb Nicolas Kovacs <info at microlinux.fr>: > > Le 02/12/2017 à 10:30, Nicolas Kovacs a écrit : > > ==> Reminder: this is actually the question I'm asking in my post. Oh, we all read (only) what we want :-) > So I'm finally coming to my question. How problematic is it really to >> have the apache user and group owning the stuff under /var/www? "problematic" should be defined by yourself (probability * impact = risk). to answer lets use a comparison: the root user can write to all /bin/ files. Executing them will not change the binaries (in a perfect world). What happens when something tries to use this fact (write perm) to do malicious things? Therefore its good practice to work as "non-root" user. So, when the httpd user (web daemon) has full write permissions, what happens when something tries to use this fact (write perm) to do malicious things? Anybody that have an eye on the httpd logs knowns that the web is not a perfect world. Not an direct answer because there is not an absolut one but I hope that I could express my point of view ... -- LF
- Previous message: [CentOS] Apache and web content permissions
- Next message: [CentOS] Apache and web content permissions
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
More information about the CentOS mailing list