On Thu, 31 May 2007 06:00:11 +1200 Steve Holdoway <[EMAIL PROTECTED]> wrote:
> On Wed, 30 May 2007 22:00:27 +1200 > Nick Rout <[EMAIL PROTECTED]> wrote: > > > I want to have a script updating a web page. Basically it downloads a > > podcast file, amends some tags and saves it to a directory in apache's > > htdocs, (and from there I have other podcast reading software read it.) > > It needs to be run via cron. > > > > I don't want to run the script as root, but the htdocs area is all owned > > by root. > > > > I seem to be completely clueless about how to get the script to be able > > to update in the htdocs hierarchy, it could be the headache i have, or > > the headache could be caused by thinking about it. I can only come up > > with either changing ownership of directories inside > > /var/www/localhost/htdocs (yuk) or running the script as root (yuk). > > > > So someone make a suggestion and save my brain. > > > Your http process will either be running as nobody or www-data. With the > exception of any upload directories, all it requires is read access to the > relevent apache directory tree. Now some prople contend that these files > should also be owned by nobody/www-data, but I contend that they *DONT*, as > it's then an extra hurdle that any hacker needs to jump through before > screwing with your website. > > So, make the htdocs diretriry(ies) owned by yourself, and ensure that > directories have read/execute permission set for other, and read for normal > files. And no write permissions anywhere unless a log file or an upload > location. > > That way you can run anything from your own cron. > > Steve Sorry, I forgot about the file you want to update. You can either cp -f to force the copy to occur, or you can add write permissions to the file itself for yourself, and the directory it resides in.
