httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Hiep Nguyen <h...@ee.ucr.edu>
Subject Re: [users@httpd] apachectl
Date Tue, 11 Dec 2007 18:17:36 GMT
On Tue, 11 Dec 2007, Vincent Bray wrote:

> On 11/12/2007, Hiep Nguyen <hiep@ee.ucr.edu> wrote:
>> should i change to apache user or something else?  i'll have couple people
>> in this office upload files (.pdf, .php, .js, .doc, .xls, etc...) to
>> /var/www/html/ folder and i don't want to give root password to them.
>
> Don't use the apache user unless the web server needs to be able to
> write to your content. It sounds very much like that's not the case.
>

i'm not quite sure what you meant by "write to your content", but this 
server needs ability to generate pdf files (and save to 
/var/www/html/pdf/)and others.  right now, i use 
apache, php, & mysql to write my website, but i'm sure java and other 
stuffs will be added on later.

is this mean that i have to change /var/www/html/ to apache user?

what is the danger of change /var/www/html/ to apache user?

>> if i leave as root, can i create a few accounts and let them use these
>> accounts to upload files?  is there any problem when the folder is root
>> and files are not root owner?
>
> I'd recommend the following:
>
> * Give everyone their own user account
> * Create a group for the site, something like 'webeditors'
> * Add all your editors to that group
> * Change the group ownership of /var/www/html to that group
> * Change the mode of that directory to 2775
> * Make sure whatever service your editors use to upload (ftp, sftp)
> has umask 002
> * Have at it :-)
>
> If that's too complicated or too fragile (the umask is important, and
> sometimes hard to control) just create a separate user account, chown
> /var/www/html to that user and give the editors the password.
>
> -- 
> noodl
>
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>   "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
>
>

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message