Re: [users@httpd] apachectl

Tue, 11 Dec 2007 10:18:09 -0800 

On Tue, 11 Dec 2007, Vincent Bray wrote:


On 11/12/2007, Hiep Nguyen <[EMAIL PROTECTED]> wrote:

should i change to apache user or something else?  i'll have couple people
in this office upload files (.pdf, .php, .js, .doc, .xls, etc...) to
/var/www/html/ folder and i don't want to give root password to them.


Don't use the apache user unless the web server needs to be able to
write to your content. It sounds very much like that's not the case.




i'm not quite sure what you meant by "write to your content", but this 
server needs ability to generate pdf files (and save to 
/var/www/html/pdf/)and others.  right now, i use 
apache, php, & mysql to write my website, but i'm sure java and other 
stuffs will be added on later.


is this mean that i have to change /var/www/html/ to apache user?

what is the danger of change /var/www/html/ to apache user?


if i leave as root, can i create a few accounts and let them use these
accounts to upload files?  is there any problem when the folder is root
and files are not root owner?


I'd recommend the following:

* Give everyone their own user account
* Create a group for the site, something like 'webeditors'
* Add all your editors to that group
* Change the group ownership of /var/www/html to that group
* Change the mode of that directory to 2775
* Make sure whatever service your editors use to upload (ftp, sftp)
has umask 002
* Have at it :-)

If that's too complicated or too fragile (the umask is important, and
sometimes hard to control) just create a separate user account, chown
/var/www/html to that user and give the editors the password.

--
noodl

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]




---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: [EMAIL PROTECTED]
  "   from the digest: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]























					Reply via email to