httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Joshua Slive <>
Subject RE: [users@httpd] Virtual hosting user problem
Date Thu, 15 Apr 2004 23:38:34 GMT

On Thu, 15 Apr 2004, Gary Smith wrote:

> The logs for the base web server are secured but each of the users logs
> are dropped in a directory under /home/client/website/logs.  This way
> then can read them as much as they want.  The logs are still owned by
> root.root but it allows me to let the client do as they will with the
> data.  It makes sense that the service wouldn't start because of a log
> issue.  I remember a problem that I had when I deleted the /var/logs/www
> directory in dev some time ago.

Logs in a non-root writable directory is a *bad* idea, as the security
docs say.  Any user who controls such a directory can likely take over


The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message