User rights to update /var/www/

Tim ignored_mailbox at yahoo.com.au
Sat Aug 27 12:58:04 UTC 2005


Tim:

>> Do pay heed to someone's prior warning about giving users the same group
>> as the apache software, it's a security risk (accidents as well as
>> malicious activity).  Better to make a separate webmasters group for the
>> files that'll be served, and the authors.
 

James Pifer:

> Well, how do you do this? Right now root is the owner of the files and
> apache is the group assignment. How do I give others rights to update
> the files in a safe manner?

man chown

Think about how you're going to do this, and apply it to directories and
files, starting at /var/www/html.  You could leave root as the owner,
make authors the group, add everyone who's an author to the author group
(webmasters is a long word, and makes listing directories a bit
messier).

Something as simple as:  chown -R root:authors /var/www/html/*

You may need to do a separate non-recursive one for the "html"
directory.

e.g. chown root:authors /var/www/html

And ensure that owners and the group can read and write files, other
users can only read files.

e.g. chmod -R u+rw,g+rw,o-w /var/www/html/*

Likewise, you may need to do a separate non-recursive one for the "html"
directory.

e.g. chmod u=rwx,g=rwx,o=rx /var/www/html

(Remember executable permissions are needed for directories, but usually
not wanted for web servable files.)

-- 
Don't send private replies to my address, the mailbox is ignored.
I read messages from the public lists.
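
Added example, not part of the original message: a recursive chmod with one mode string cannot give directories and files different bits, so this sketch uses find to set them separately and then audits the result. The function names and the 2775/664 modes (setgid on directories so new files inherit the group) are assumptions that go slightly beyond the post; the "authors" group is the one suggested above.

```shell
#!/bin/sh
# Added example, not from the original post. Function names and the exact
# modes are assumptions; "authors" is the group name suggested in the post.
#
# Usage (as root):  set_docroot_perms /var/www/html authors
#                   audit_docroot /var/www/html

# set_docroot_perms DIR GROUP
# Give the tree to GROUP, then set directories and files separately:
#   directories 2775  rwx for owner and group, r-x for others, setgid so
#                     files created later inherit GROUP
#   files        664  rw for owner and group, read-only for others,
#                     no execute bit on served content
set_docroot_perms() {
    dir=$1
    group=$2
    chgrp -R "$group" "$dir" || return 1
    find "$dir" -type d -exec chmod 2775 {} + || return 1
    find "$dir" -type f -exec chmod 664 {} + || return 1
}

# audit_docroot DIR
# Print every path under DIR that breaks the policy above:
#   - anything (other than a symlink) that is world-writable
#   - any regular file carrying an execute bit
# Empty output means the tree is clean.
audit_docroot() {
    find "$1" ! -type l \( -perm -0002 -o \
        \( -type f \( -perm -0100 -o -perm -0010 -o -perm -0001 \) \) \
        \) -print
}
```

Run audit_docroot again after authors have uploaded content; anything it prints has drifted from the intended permissions.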



