File Permissions

[Jim Cornette]

Tim wrote:
> On Tue, 2007-02-20 at 20:14 -0500, Jim Cornette wrote:
>> Isn't apache limited on what it can access, even more than a regular
>> user?
> 
> Yes, by SELinux.  You need to use appropriate contexts for files to be
> served by Apache, or disable SELinux protection on the web server.  I'd
> only do that if you were only locally serving files for testing.
> 

I would want to have protection from SELinux if the site ever was used 
for Internet or Intranet usage. I have seen infiltration attempts toward 
Windows computers on out Intranet so trust would not be possible with 
open services.

I'll have to read up on the most secure way to setup the files being 
served out. I believe I hit on suggestions on google searches concerning 
the issues. One was from a Rich, who may be the same person as 
previously responded and is in agreement with your suggestions. (Setup 
document web admin and separate script web admin groups for maintaining 
the files).

Thanks!
Jim