httpd.conf in fedora
Mark Weaver
mdw1982 at mdw1982.com
Tue Mar 15 13:38:01 UTC 2005
Paul Howarth wrote:
> On Mon, 2005-03-14 at 19:48 -0500, Mark Weaver wrote:
>
>>Duncan Lithgow wrote:
>>
>>>I *have*
>>>
>>>1. I've edited /etc/httpd/conf/httpd.conf so it reads ...
>>># DocumentRoot "/var/www/html"
>>>DocumentRoot "/mnt/SharedFiles/www"
>>>...
>>>
>>>2. I've commented out /etc/httpd/conf.d/welcome.conf
>>>
>>>3. the /mnt/SharedFiles/www is owned by 'root' and the 'common' group of
>>>which apache is a member.
>>>
>>>But i still get the content from /var/www/error/noindex.html
>>>
>>>Something someone isn't working as I expected!
>>>
>>>Thanks for your patience guys.
>>>
>>>Duncan
>>>
>>
>>I would think you'd want ownership of the DocumentRoot to be that of Apache.
>>
>> i.e. apache.apache
>>
>> instead of
>>
>> root.apache
>>
>>Its been my experience having ownership for a web server's document root
>>can be rather problematic rather than a good thing to do.
>
>
> My DocumentRoot (containing only static pages) is owned by root.root.
> There is absolutely no need for the apache user to own the DocumentRoot
> - it just needs to be able to read static pages. In fact, having the
> apache user able to write these files is a security issue because a web
> server compromise could result in your content being overwritten.
>
> Paul.
actually thats not what I was refering to. Sorry I wasn't more clear.
Soemthing that is public should not be owned by root in that manner. it
should be owned by a non-privileged user such as apache or some other user.
--
Mark
-----------------------------------------------------------
Paid for by Penguins against modern appliances(R)
Linux User Since 1996
Powered by Mandrake Linux 8.2 & RH Fedora Core 3
ICQ# 27816299
More information about the fedora-list
mailing list