httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Josh Glover <jmg...@incogen.com>
Subject Re: File Permissions CHMOD
Date Tue, 07 May 2002 14:41:14 GMT
Gerard O'Reilly wrote:
> Hi,
> Im using Apache 1.3.12 for my Intranet and am trying to set up proper and
> standardised security.  Apache is running on RHLinux 6.2.
> What is the recommended Unix File Persmissions to be set on Document Root?

Read the post that I just launched (subject: Re: chmod) for more info, 
but in general, you probably want 755 on htdocs and all the directories 
below it, 644 for all of the files.

> Who should I set the Owner and Group as?

I tend to have them owned by the individual users (web developers) who 
maintain them, group webdev. In this case, you need to set the world 
read bit on all the files that you want Apache to serve up, and the 
world execute bit for htdocs and all subdirectories thereof, as above. 
However, you may want to do things differently if you want Joe Shell 
User on your webserver to not be able to view your CGI code.

> In httpd.conf I set my username to apache (changed from nobody) recommended
> by the Apache book im clinging on to.  I created that user in the
> /etc/passwd and /etc/group files.

I hope you used useradd and groupadd? If not, you need to run pwconv to 
update your /etc/shadow for the new user.

> And what file permissions should I set for the UserDir?

That is up to the individual users to control their own public_html or 
whatever.


-- 
Josh Glover <jmglov@incogen.com>

Associate Systems Administrator
INCOGEN, Inc.


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message