On Fri, Aug 7, 2009 at 5:18 AM, Platonides<platoni...@gmail.com> wrote:
> only by /root/?

Well, or otherwise not readable by the web server, like 640
root:admins.  You're right that there's no reason to run a PHP script
as root if you only need root DB access, of course.

> Maintenance scripts shouldn't be run as root. OTOH that would be a good
> method if you used a specific account eg. 'WikiAdmin'. Still, you might
> get funny permissions when running scripts that deal with files.

Well, when I run maintenance scripts I usually don't bother sudoing to
www-data anyway, personally.  Practically none of the scripts touch
files.

_______________________________________________
Wikitech-l mailing list
Wikitech-l@lists.wikimedia.org
https://lists.wikimedia.org/mailman/listinfo/wikitech-l

Reply via email to