Apache public_html question

linuxmaillists at charter.net linuxmaillists at charter.net
Tue Mar 27 22:30:31 UTC 2007


On Sunday 25 March 2007, Charles Curley wrote:
> On Sat, Mar 24, 2007 at 10:06:19PM -0700, Don Russell 
wrote:
> > I'm writing a small php web application at home and
> > developing in my public_html directory.
> >
> > That works fine, except I'm trying to create a file
> > from the php page. I thought I'd be able to create a
> > file in the same directory with the php script, but the
> > fopen(...,'wb') fails with a permission error.
> >
> > I don't mind moving my development work into
> > /var/www/html, but then my problem is when I try to
> > update the script from Dreamweaver on my other machine,
> > I don't know how to set up ftp so I get write access to
> > /var/www
> >
> > So... I need a solution for 1 or both of these:
> >
> > 1 - How to I grant wite access to my public_html so the
> > php web  page can write to it?
>
> You should probably give the fopen fuction a fully
> qualified path name, say
> "/home/donr/public_html/foo.txt". Apache's home directory
> is /var/www (as set in /etc/passwd).
>
> Then, Apache runs as a non root user, apache. So you need
> to set permissions for apache to write in that directory.
> so:
>
> chmod o+w ~/public_html
>
> That's the least secure way to do it: it lets any user on
> your computer write to that directory. Somewhat more
> secure is to create a group having only apache and you in
> it, and give it the group ownership for public_html.
>
> For even greater security, create a directory especially
> for files, say "~/public_html/files", and treat it as
> above.

I do not understand how is the extra directory more secure 
then the group with just the user and apache?

-- 
If the word following begins with 
a vowel, the word you want is...
to read the rest of this, go here 
http://www.wsu.edu/~brians/errors/a.html




More information about the fedora-list mailing list