On Wed, Dec 3, 2008 at 7:52 AM, P.V.Anthony <[EMAIL PROTECTED]> wrote: > Hi, [...] > permission user group folder > drwxrwx--- domain_1.com domain_1.com domain_1.com > drwxrwx--- domain_2.com domain_2.com domain_2.com > drwxrwx--- domain_3.com domain_3.com domain_3.com > > Then apache will be member of groups, domain_1.com, domain_2.com and > domain_3.com. > > Is this correct and secure? Is there another better way?
Is there anything wrong to assign group to www or whatever group apache is being assigned to (you might want to consider adding www or something similar, don't use the group 'apache')? I'd keep the group domain_1.com for the user alone. If you add apache to domain_1.com, it will have access to all of domain_1.com group data, not just limited to that directory. I wouldn't want that unless you are very sure that domain_1.com user only have ownership over that folder. I'd also remove group write from the folder and all of its subdirectory (`chmod go-w -R domain_1.com`). It's not required by Apache. User should still be able to have access to his directory through FTP as long as the user write bit is set. This is from my past experience setting up web/ftp servers (and from my current webhost configuration). Your needs may vary enough that it's not suitable anymore. (: HTH, -- Chris [EMAIL PROTECTED] [EMAIL PROTECTED] _______________________________________________ Slugnet mailing list [email protected] http://wiki.lugs.org.sg/LugsMailingListFaq http://www.lugs.org.sg/mailman/listinfo/slugnet
