Olivier, How is that going to solve the problem? His user doesn't have /var/www as a home ; the issue is /var/www is world-readable/writeable/executable.
The files in your /var/www should strictly speaking only be accessible to your webserver ; for apache usually www-data or apache or httpd accounts should have rwx permissions. Grep for these in /etc/passwd if unsure which one to use. You could then set the permissions to xy0 for /var/www with chmod. Test, if your site doesn't funtion adequately anymore, set the permissions for "other" to "r"(4) only. So for instance: chmod -R 770 www-data:www-data (www-data is the account under which the apache daemon runs on Debian). Check out: man chmod man chrgrp Have fun Roger On Mon, February 27, 2006 1:44 am, Olivier Papauré said: > You can try to create a user with useradd and the -d option. > >>From man useradd : > > "The options which apply to the useradd command are: > > -d home_dir > The new user will be created using home_dir as the value for > the > user's login directory. The default is to append the login > name > to default_home and use that as the login directory name." > > > > > -- > Debian Addict site : http://www.debianaddict.org > > > 2006/2/25, Arnel Pastrana <[EMAIL PROTECTED]>: >> >> Hi, >> >> May I know what are the possibilities to secure the content of my www >> folder? >> >> I want my local user to access because right now when login as an >> ordinary user using ssh i can delete the content of my www folder. >> >> What will I do? any idea? >> >> Thank you, >> >> Arnel Pastrana >> [EMAIL PROTECTED] >> " The key is not to prioritize your shedule but to prioritize your >> priorities." --- Stephen R Covey >> >> >> >> -- >> To UNSUBSCRIBE, email to [EMAIL PROTECTED] >> with a subject of "unsubscribe". Trouble? Contact >> [EMAIL PROTECTED] >> >> > -- Life is 10 percent what you make it and 90 percent how you take it. - Irving Berlin -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
