Voytek Eymont wrote:
...snip.....
> if I have users that simply have web server and mail server hosted, and,
> all they get is ftp access, is that the way to edit their 'entitlements',
> as per apache sample above ?
...snip.....
> yes, that part is OK, it's the permissions I need to understand, the pages
> are not served based on insufficient permission
>
> so, I should give
> files: rw r r
> directories: xrw xr xr
AIUII
There are two aspects here, user & group ownership and user/group/world
permissions.
The way I approach this is to set the user ownership (of the directory
and all files and sub-directories) to the login user that can edit the
files. So each company would have a user that logs on to upload/change
their WWW pages and has "ftp" access to their companies file areas.
I set the group ownership to your server process (apache, nobody, ???).
I set the user permissions to 7/rwx
I set the group/world permissions to 55/r_xr_x for all directories and
most files.
I set images to 750 (and anything else I don't want spidered)
I make sure that all subdirectories that I don't want spidered at 750
(especially don't forget the ones listed in robots.txt)
> I see every user I've made gets a group made as well, should I make a
> group, say, web_users, and, put all users there ? then , manage it by that
> group ?
It really depends on what your client wants and what you are providing.
If you are providing a common access area, then having all logins from
one company in the one group makes sense, so that group has write access
to that area.
However, a login can have multiple groups (check /etc/group & "man
group"), so it might be easier (best security), that user "fred" is in
group fred, and group "freds-companyX" and group company-x-webmeisters"
(if need be).
--
Terry Collins {:-)}}} Ph(02) 4627 2186 Fax(02) 4628 7861
email: [EMAIL PROTECTED] www: http://www.woa.com.au
Wombat Outdoor Adventures <Bicycles, Books, Computers, GIS>
"People without trees are like fish without clean water"
--
SLUG - Sydney Linux User's Group - http://slug.org.au/
More Info: http://lists.slug.org.au/listinfo/slug
