httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rich Bowen <rbo...@rcbowen.com>
Subject Re: [users@httpd] Apache 2.2.15 says You do not have permission to view [this file]
Date Fri, 30 Jul 2010 01:24:27 GMT

On Jul 29, 2010, at 8:35 PM, James Godrej wrote:

> This I understand.
> But then do other users  not need read write permissions.
> There is hardly any thing given on this page
> http://httpd.apache.org/docs/trunk/misc/security_tips.html#serverroot
> You mentioned ServerRoot not be chowned to Apache.
> But if not then to what should it be and there is nothing about  
> Document Root to be chowned ?
> Who should own the Document Root there are many applications I  
> download from internet in their README pages it says
> to chown those directories to apache.
> Otherwise it never worked.
> What should I do in this situation?



If an application tells you you must chown it to Apache, then that's a  
clear indication that the authors of that application have no concern  
for security, and the application should be avoided.


--
Rich Bowen
rbowen@rcbowen.com




Mime
View raw message