httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Mark H. Wood" <mw...@IUPUI.Edu>
Subject Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?
Date Wed, 03 Sep 2008 18:10:42 GMT
On Tue, Sep 02, 2008 at 04:43:01PM -0400, Eric Covener wrote:
> On Tue, Sep 2, 2008 at 3:15 PM, Greg Platt - Platt Consultants
> <GregPlatt@ix.netcom.com> wrote:
> 
> > I remember someone mentioning in a post I made weeks ago that the ownerships
> > and permissions on my web directories seemed odd. His remarks suggested he
> > thought all web directories ought to be owned by www-data and have
> > permissions of 755.
> 
> Generally your webserver (www-data) userid shouldn't own the content
> it's serving (or the directory it lives in)
> 
> I think you're  taking the packaging decisions of various
> distributions to heart a little too much.  You should be able to quite
> easily change a DocumentRoot as you move from host to host.

He *did* say he was coming from Red Hat 7, so I can understand that he
might have developed an allergy to reorganizing things, since RHL will
put them right back again the first time you sneeze.  I don't recall
Debian being so, um, insistent, but it's been years since I used
either and things may have changed.

Yes, I would say that the webserver should not own any file it is not
expected to write.  The owner of a file owns its permission mask and
can change its own access at will.

-- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.


Mime
View raw message