Return-Path:
Delivered-To: apmail-httpd-docs-archive@httpd.apache.org
Received: (qmail 3133 invoked by uid 500); 19 Sep 2002 17:45:10 -0000
Mailing-List: contact docs-help@httpd.apache.org; run by ezmlm
Precedence: bulk
list-help:
list-unsubscribe:
list-post:
Reply-To: docs@httpd.apache.org
Delivered-To: mailing list docs@httpd.apache.org
Received: (qmail 3110 invoked by uid 500); 19 Sep 2002 17:45:10 -0000
Delivered-To: apmail-apache-docs@apache.org
Delivered-To: apmail-httpd-docs-1.3-cvs@apache.org
Date: 19 Sep 2002 17:45:09 -0000
Message-ID: <20020919174509.25002.qmail@icarus.apache.org>
From: slive@apache.org
To: httpd-docs-1.3-cvs@apache.org
Subject: cvs commit: httpd-docs-1.3/htdocs/manual/howto auth.html
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N
slive 2002/09/19 10:45:09
Modified: htdocs/manual/howto auth.html
Log:
The webserver shouldn't be allowed write permissions to files unless
it REALLY needs it.
Submitted by: Hank Leininger
PR: 12822
Revision Changes Path
1.6 +3 -2 httpd-docs-1.3/htdocs/manual/howto/auth.html
Index: auth.html
===================================================================
RCS file: /home/cvs/httpd-docs-1.3/htdocs/manual/howto/auth.html,v
retrieving revision 1.5
retrieving revision 1.6
diff -u -d -b -u -r1.5 -r1.6
--- auth.html 7 Jun 2002 01:38:01 -0000 1.5
+++ auth.html 19 Sep 2002 17:45:08 -0000 1.6
@@ -308,9 +308,10 @@
that the web server itself can read the file. For example, if
your server is configured to run as user nobody and
group nogroup, then you should set permissions on the
- file so that only that user can read the file:
+ file so that only the webserver can read the file and only
+ root can write to it:
-chown nobody.nogroup /usr/local/apache/passwd/passwords
+chown root.nogroup /usr/local/apache/passwd/passwords
chmod 640 /usr/local/apache/passwd/passwords
---------------------------------------------------------------------
To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org
For additional commands, e-mail: docs-help@httpd.apache.org