On Tue, 4 Mar 2008 12:18:56 -0800 (PST)
Hiep Nguyen <hiep at ee.ucr.edu> took out a #2 pencil and scribbled:
> hi again,
>
> [root at dev ~]# ls -all /var/www/
> total 64
> drwxr-xr-x 8 root root 4096 Mar 3 11:44 .
> drwxr-xr-x 21 root root 4096 Mar 3 11:44 ..
> drwxr-xr-x 2 root root 4096 Jan 15 20:36 cgi-bin
> drwxr-xr-x 3 root root 4096 Mar 3 11:43 error
> drwxr-xr-x 2 root root 4096 Jan 15 20:36 html
> drwxr-xr-x 3 root root 4096 Mar 3 11:44 icons
> drwxr-xr-x 14 root root 4096 Mar 3 11:44 manual
> drwxr-xr-x 2 webalizer root 4096 Mar 3 11:44 usage
>
> currently, html is belonging to root group/owner and httpd is
> running under apache user/group.
>
> what should i change html to, so that httpd can run safely under
> apache user/group???
>
> or should i change httpd to run under a different user/group???
>
> if i keep httpd running on apache user/group, should i change
> html to apache group/owner???
>
> thank you for all your help.
> t. hiep
You do not need to change the user and group. The default groups
are fine, apache should be able to traverse the directories and
read them; thus, serve them up without a problem.
So long as apache has permission to read the contents (correct
permissions) you do not have to change the user/group to be
specific to apache.
I would refrain from making anything writable (unless necessar) by
apache anyhow. Just for the sake of security.
Sincerely,
Alex White
--
ethericalzen at gmail.com
Life is a prison, death is a release