Return-Path: Delivered-To: apmail-httpd-docs-archive@httpd.apache.org Received: (qmail 3133 invoked by uid 500); 19 Sep 2002 17:45:10 -0000 Mailing-List: contact docs-help@httpd.apache.org; run by ezmlm Precedence: bulk list-help: list-unsubscribe: list-post: Reply-To: docs@httpd.apache.org Delivered-To: mailing list docs@httpd.apache.org Received: (qmail 3110 invoked by uid 500); 19 Sep 2002 17:45:10 -0000 Delivered-To: apmail-apache-docs@apache.org Delivered-To: apmail-httpd-docs-1.3-cvs@apache.org Date: 19 Sep 2002 17:45:09 -0000 Message-ID: <20020919174509.25002.qmail@icarus.apache.org> From: slive@apache.org To: httpd-docs-1.3-cvs@apache.org Subject: cvs commit: httpd-docs-1.3/htdocs/manual/howto auth.html X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N slive 2002/09/19 10:45:09 Modified: htdocs/manual/howto auth.html Log: The webserver shouldn't be allowed write permissions to files unless it REALLY needs it. Submitted by: Hank Leininger PR: 12822 Revision Changes Path 1.6 +3 -2 httpd-docs-1.3/htdocs/manual/howto/auth.html Index: auth.html =================================================================== RCS file: /home/cvs/httpd-docs-1.3/htdocs/manual/howto/auth.html,v retrieving revision 1.5 retrieving revision 1.6 diff -u -d -b -u -r1.5 -r1.6 --- auth.html 7 Jun 2002 01:38:01 -0000 1.5 +++ auth.html 19 Sep 2002 17:45:08 -0000 1.6 @@ -308,9 +308,10 @@ that the web server itself can read the file. For example, if your server is configured to run as user nobody and group nogroup, then you should set permissions on the - file so that only that user can read the file:

+ file so that only the webserver can read the file and only + root can write to it:

  -chown nobody.nogroup /usr/local/apache/passwd/passwords
  +chown root.nogroup /usr/local/apache/passwd/passwords
   chmod 640 /usr/local/apache/passwd/passwords

--------------------------------------------------------------------- To unsubscribe, e-mail: docs-unsubscribe@httpd.apache.org For additional commands, e-mail: docs-help@httpd.apache.org