[imp] Error in imp

Rich Lafferty rich@horde.org
Mon, 30 Oct 2000 16:11:43 -0500

Previous message: [imp] Error in imp
Next message: [imp] Error in imp
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, Oct 30, 2000 at 06:06:05PM -0300, Martin A. Marques (martin@math.unl.edu.ar) wrote:
> On Lun 30 Oct 2000 17:59, Steven Westbrook wrote:
> > What do the permissions need to be?  Right now they are for the phplib
> > directory:
> >
> > -rw-r--r-- root root
> 
> That depends. This look good, but I would change the ownership to 
> nobody:nobody in the case of apache running as nobody with group nobody.

Er, why? Given no particular *need* for that, you *don't* want Apache
to be able to write to the files it has to read. Since root can write
to them no matter *who* owns them, having them owned by root is
just fine. The intention of a 'nobody' user is that it doesn't have
privileges. 

(As an aside, make sure that you're not sharing nobodies -- if apache
runs as 'nobody' and the database runs as 'nobody', then you're really
sort of circumventing the point. Best a 'nul-www' and 'nul-db' user
instead, so that an Apache bug can't cause a database compromise and
vice versa.)

  -Rich

-- 
------------------------------ Rich Lafferty ---------------------------
 Sysadmin/Programmer, Instructional and Information Technology Services
   Concordia University, Montreal, QC                 (514) 848-7625
------------------------- rich@alcor.concordia.ca ----------------------

Previous message: [imp] Error in imp
Next message: [imp] Error in imp
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]