pesarif wrote:
> On Mon, 12 Nov 2001 04:09, Michael D. Viron wrote:
> > The only problem with this, is that the users with '700' on their home
> > directory will not be able to have websites (since apache needs a minimum
> > of 755).
> I had precisely the same problem with apache.
> But doesn't 755 destroy the privacy of users' files?
I'm not an expert by any means, but I thought I'd take a stab at
answering your questions -- corrections are welcome.
I'm not sure that Apache needs 755 -- are you talking about the apache
executable files or web pages to be served?
Mandrake 7.2 installs the apache executables somewhere and defaults to
storing web pages and so forth in /home/httpd IIRC.
If a user want to store web pages to be served in his own home
directory, he has to do a number of things:
* Modify the httpd.conf file (somewhere over in /etc, IIRC) to treat
some directory in his home directory as what I'll call an "htdocs"
directory. IIRC, he does this by setting an "alias" for the directory
in the httpd.conf file.
* Files in that directory to be served must somehow allow read access
by the "apache user" (the "owner" of the apache executable files, which
is not recommended to be root for security reasons). IIRC, the apache
user on Mandrake 7.2 is "apache" (many other systems use "nobody", some
use something else). There are various ways to allow read access by
"apache", some are:
* Set the world permissions to 5 (like 715) so everyone can read
the file
* Set the group to "apache" (or a group including apache) and the
group permissions to 5 (like 751).
The above ignores a few points:
* apache may need execute permissions on the directory containing
those files, so it can search the directory
* if you install something like a wiki (TWiki) that allows people to
edit these files via their web browser, apache must have write access to
these files.
> And how come MDK8.0 by default does 700?
I don't know.
Hope this helps,
Randy Kramer
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
