Return-Path: 
 <users-return-937-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 67014 invoked by uid 500); 30 Dec 2001 01:51:11 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
list-post: <mailto:users@httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 67003 invoked from network); 30 Dec 2001 01:51:10 -0000
Received: from celadon.propagation.net (63.249.199.1)
  by daedalus.apache.org with SMTP; 30 Dec 2001 01:51:10 -0000
Received: from localHost (u194a.mdo.net [208.178.160.194])
	by celadon.propagation.net (8.8.5/8.8.5) with SMTP id TAA09299
	for <users@httpd.apache.org>; Sat, 29 Dec 2001 19:49:44 -0600
Message-Id: <200112300149.TAA09299@celadon.propagation.net>
Date: Sat, 29 Dec 2001 20:48 -0500 (EST)
From: Fred Atkinson <fatkinson@mishmash.com>
Organization: Personal Copy
X-Mailer: MailRoom for Internet v3.2b (www.SierraSol.com)
To: <users@httpd.apache.org>
Subject: RE: Best way to do this
X-Spam-Rating: daedalus.apache.org 1.6.2 0/1000/N

>> From: Richard Shade [mailto:rshade98@hotmail.com]
>
>> I believe that apache should be owned by a non root user such as
>> apache,nobody,ncsa,httpd or johndoe with no permission to login
>> then point
>> the doc root to whatever you want.
>
>Hmmm... We are being a little vague when we talk about "apache" being owned
>by a paritcular user.   If we are talking about the apache binary, then it
>should *not* be owned by an unpriveleged user.  It should be owned by root.
>The "User" and "Group" specified in httpd.conf should be set to an
>unpriveleged user, but that is a very different thing.
>
>For more details:
>http://httpd.apache.org/docs/misc/security_tips.html
>
>Joshua.

    What I am getting at is running Apache.  Then, creating multiple
domains and directories to point them at.  Next, assigning each subdirectory
to a different user so each user can update their files to manage their
Web site.  Each user would exercise exclusive control over their files
but Apache would be running under a separate user (perhaps root). 



                                                Fred 


>---------------------------------------------------------------------
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:http://httpd.apache.org/userslist.html> for more info.
>To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>For additional commands, e-mail: users-help@httpd.apache.org

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org