IMHO I feel that the current permissions of root:root 755 are sufficient. Should a user/application have specific requirements then this can be easily changed.
Regards, Charles Hooper Giorgio Zarrelli wrote: > Hi, > > > better would be to let the subdir under /var/www to be owned by > user.apachegoup and set to 755. > > > This way, each user can manage his contents and apache can only read > them and show their contents to visitors. > > > Giorgio > > > Il Monday 17 August 2009 14:18:38 Roy Sigurd Karlsbakk ha scritto: > > On 17. aug.. 2009, at 13.43, Armindo Silva wrote: > > > Shouldn't be owned by www-data so apache can write there? > > > > No. Allowing the apache user to change or delete its website is no > > good and allows for much easier hacking/defacing the site(s) on the > > box. If the apache user cannot write to /var/www, a security bug in > > the web server won't allow the hacker write access to /var/www, so > > less harm done. > > > > roy > > -- > > Roy Sigurd Karlsbakk > > (+47) 97542685 > > [email protected] > > http://blogg.karlsbakk.net/ > > -- > > I all pedagogikk er det essensielt at pensum presenteres > > intelligibelt. Det er et elementært imperativ for alle pedagoger å > > unngå eksessiv anvendelse av idiomer med fremmed opprinnelse. I de > > fleste tilfeller eksisterer adekvate og relevante synonymer på norsk. > > > -- ubuntu-server mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-server More info: https://wiki.ubuntu.com/ServerTeam
