Roger Oberholtzer wrote:
> All the files in your trac place (and the container directory) should
> belong to wwwrun. That is how all my trac files are. On openSUSE, this
> is the user apache usually runs as.
>
>
No, they really shouldn't. That's a serious security risk. People do
this a lot, because it's easy. But it's risky as hell, since it means a
bad script can rewrite your Trac script. Oops.
You want the wwwrun user (or whatever other user the web server runs
under) to have write access to only those files that Trac needs to write
to, and only read access to anything else.
I'd recommend instead that you assign the owner of the files to
something safer (I typically use an ordinary user), and assign the
*group* of the files to the Unix group that the web server runs under
('www' for SuSE flavored OS). And I then make only those files and
directories that *need* to be writable be exposed.
Cheers,
Rob Thorne
Torenware Networks
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Trac
Users" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected]
For more options, visit this group at
http://groups.google.com/group/trac-users?hl=en
-~----------~----~----~----~------~----~------~--~---
