Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Brian Mearns <me...@bmearns.net>]

Correct me if I'm wrong, but based on the way your message sounds, you
don't appear to have any knowledge of the httpd.conf file? It's the main
configuration file for your server, and it includes a DocumentRoot
directive that allows you to specify the document root. The default may be
/var/www, but you should be able to set it to anything you want. The same
is true for the user and group that apache uses: these can be configured
with the User and Group directives. I personally have no idea about the
security implications of choosing one document root or user/group over
another, but (as I said), it doesn't sound like you realize they can be
changed, so I just wanted to make sure you knew that.

Secondly---and not to be critical, but hopefully constructive---basing
your work on the absolute paths is a common but dangerous mistake. Of
course it's a lot easier but, as you're beginning to see now, it /always/
comes back to bite you in the long run. Not that it does you any good now,
but it's something you'll probably remember in the future.

Best of luck
-Brian



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Eric Covener <co...@gmail.com>]

On Tue, Sep 2, 2008 at 5:10 PM, Greg Platt - Platt Consultants
<Gr...@ix.netcom.com> wrote:

>> You're now using someone elses packaging of the Apache HTTP Server.
>> What Apache change are you referring to?

> On my old RedHat 7.2 server as it was delivered, DocumentRoot for each
> <VirtualDomain> was essentially /home/www/mydomain or /www/mydomain
> depending on your perspective. One was basically a link to the other. In the
> new scheme of things, DocumentRoot was moved (and it seems to have been done
> by Apache themselves) to /var/www.

I doubt Apache ever shipped with a default config that included
mod_vhost_alias.  Perhaps RedHat set this up for you, if it really
wasn't configured after the fact.

Apache supports a number of canned layouts that you select at build
time, but they dictate very little in the manner of how you'd add
additional domains / document roots.  It's mostly concerned with where
the binaries, documents, and icons are installed relative to eachother
(along with the initial global DocumentRoot, which for a number of
layouts even in 5.3 is /var/www)

-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Greg Platt - Platt Consultants <Gr...@ix.netcom.com>]

On my old RedHat 7.2 server as it was delivered, DocumentRoot for each
<VirtualDomain> was essentially /home/www/mydomain or /www/mydomain
depending on your perspective. One was basically a link to the other. In the
new scheme of things, DocumentRoot was moved (and it seems to have been done
by Apache themselves) to /var/www.

On my old server, each virtual host directory and all of the site's web
content was owned by "mydomainowner" and "mydomaingrp" or "yourdomainowner"
and "yourdomaingrp", etc. All directories above that were owned by root. I
was lead to believe that in the "NEW way" of doing things, www-data should
own the entire web directory structure and all of its content.

Does that answer the question, Eric? 

-----Original Message-----
From: Eric Covener [mailto:covener@gmail.com] 
Sent: Tuesday, September 02, 2008 2:55 PM
To: users@httpd.apache.org; gregplatt@ix.netcom.com
Subject: Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data
as www owner?

On Tue, Sep 2, 2008 at 4:44 PM, Greg Platt - Platt Consultants
<Gr...@ix.netcom.com> wrote:
>
> Yes, I realize the DocumentRoot location can be changed. Indeed I've
already
> changed it with the sites I converted earlier. What I came here hoping to
> find is someone who understands WHY it was changed by Apache to begin with
> and who could explain the implications of changing it in a different
way...
> especially since on Debian I can change it from one virtual host to
another.
> Frankly, I haven't found anything yet that says there were technological
or
> security reasons why Apache made this change. Not even their documentation
> suggests such reasons exist. If the answer is there ARE no specific
reasons
> for the change, I'm inclined to ignore it and go with what I already have
> working.

You're now using someone elses packaging of the Apache HTTP Server.
What Apache change are you referring to?

-- 
Eric Covener
covener@gmail.com


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Eric Covener <co...@gmail.com>]

On Tue, Sep 2, 2008 at 4:44 PM, Greg Platt - Platt Consultants
<Gr...@ix.netcom.com> wrote:
>
> Yes, I realize the DocumentRoot location can be changed. Indeed I've already
> changed it with the sites I converted earlier. What I came here hoping to
> find is someone who understands WHY it was changed by Apache to begin with
> and who could explain the implications of changing it in a different way...
> especially since on Debian I can change it from one virtual host to another.
> Frankly, I haven't found anything yet that says there were technological or
> security reasons why Apache made this change. Not even their documentation
> suggests such reasons exist. If the answer is there ARE no specific reasons
> for the change, I'm inclined to ignore it and go with what I already have
> working.

You're now using someone elses packaging of the Apache HTTP Server.
What Apache change are you referring to?

-- 
Eric Covener
covener@gmail.com

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Greg Platt - Platt Consultants <Gr...@ix.netcom.com>]

Your comments are "right on" here, Lester. I think we become our own enemies
when we mindlessly follow the layouts provided by distro authors or hosting
providers like a school of lemmings hell bent on destruction. That makes it
easy for ANYONE who knows the way our distro providers or server hosts do
things to hack our servers in seconds using standard scripts. I had that
happen more than once at my old hosting provider and I'm convinced it was an
"inside job".

There's really nothing wrong with what Apache or Debian did. It's just that
I didn't go to all this work to make it easy for anyone to hack my server.
Thanks very much, but I prefer to dance to the beat of a different drummer.

I agree... rigid conformity at these levels is not necessarily a good thing.


Thanks.

-----Original Message-----
From: Lester Caine [mailto:lester@lsces.co.uk] 
Sent: Tuesday, September 02, 2008 11:15 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data
as www owner?

Greg Platt - Platt Consultants wrote:
> I'm not arguing for or against what Debian did. One thing I can say is
their
> approach provides an individual VirtualHost file for each domain. It thus
> tends to isolate any damage that might be done in editing httpd.conf to a
> single domain. It also makes it easy to disable one domain using their
> a2dissite utility without any risk of affecting other domains.
> 
> Other than that, I honestly don't care. I was actually quite comfortable
> with the httpd.conf approach too. I wasted several hours when I first got
> involved with Debian trying to figure out exactly how their setup
differed. 
> 
> Indeed, it was just after I'd gone through the struggle of figuring all
that
> out and had gotten my 3 test sites working under the Debian paradigm that
> another Debian user remarked about my "unusual" directory structure and
> expressed the opinion that the entire web structure "should be" owned by
> www-data and all sites should be under /var/www. It was at that point that
I
> began to worry I had somehow misinterpreted Apache and Debian's intent
here.
> 
> That's what eventually lead to my first post here today.

I think that there is a little too much 'THIS is the right way!' on some of 
the DISTRIBUTIONS of Apache ( and PHP ), but now that I've got used to the 
/etc/apache2/ layout ( on SUSE in my case ) I do think it's easier than 
Mandrivas /etc/httpd/ . Having to bounce between Windows and Linux, trying
to 
emulate some of the Linux ideas in Windows is fun, but worth the effort. 
Splitting the .conf up does make sense.

As for the LOCATION of the target files, I think this is more a case of how 
each distribution partitions the disk by default. Having /var on the 8Gb
root 
partition means that logging and large sites very quickly fill up the 
partition, so one almost HAS to move to the 'other' partition which on 
Mandriva is /home ....
Alternatively I dropped a 500Gb disk into one of the servers and partitioned

that as /var - I think that will take a time to fill ....
At the end of the day the 'target' users of a distribution determine it's 
preferred default and many of them are targeting 'desktop' over 'server' so 
NOT providing the most practical layouts for running Apache.

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/lsces/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Lester Caine <le...@lsces.co.uk>]

Greg Platt - Platt Consultants wrote:
> I'm not arguing for or against what Debian did. One thing I can say is their
> approach provides an individual VirtualHost file for each domain. It thus
> tends to isolate any damage that might be done in editing httpd.conf to a
> single domain. It also makes it easy to disable one domain using their
> a2dissite utility without any risk of affecting other domains.
> 
> Other than that, I honestly don't care. I was actually quite comfortable
> with the httpd.conf approach too. I wasted several hours when I first got
> involved with Debian trying to figure out exactly how their setup differed. 
> 
> Indeed, it was just after I'd gone through the struggle of figuring all that
> out and had gotten my 3 test sites working under the Debian paradigm that
> another Debian user remarked about my "unusual" directory structure and
> expressed the opinion that the entire web structure "should be" owned by
> www-data and all sites should be under /var/www. It was at that point that I
> began to worry I had somehow misinterpreted Apache and Debian's intent here.
> 
> That's what eventually lead to my first post here today.

I think that there is a little too much 'THIS is the right way!' on some of 
the DISTRIBUTIONS of Apache ( and PHP ), but now that I've got used to the 
/etc/apache2/ layout ( on SUSE in my case ) I do think it's easier than 
Mandrivas /etc/httpd/ . Having to bounce between Windows and Linux, trying to 
emulate some of the Linux ideas in Windows is fun, but worth the effort. 
Splitting the .conf up does make sense.

As for the LOCATION of the target files, I think this is more a case of how 
each distribution partitions the disk by default. Having /var on the 8Gb root 
partition means that logging and large sites very quickly fill up the 
partition, so one almost HAS to move to the 'other' partition which on 
Mandriva is /home ....
Alternatively I dropped a 500Gb disk into one of the servers and partitioned 
that as /var - I think that will take a time to fill ....
At the end of the day the 'target' users of a distribution determine it's 
preferred default and many of them are targeting 'desktop' over 'server' so 
NOT providing the most practical layouts for running Apache.

-- 
Lester Caine - G8HFL
-----------------------------
Contact - http://lsces.co.uk/lsces/wiki/?page=contact
L.S.Caine Electronic Services - http://lsces.co.uk
EnquirySolve - http://enquirysolve.com/
Model Engineers Digital Workshop - http://medw.co.uk//
Firebird - http://www.firebirdsql.org/index.php

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Greg Platt - Platt Consultants <Gr...@ix.netcom.com>]

I'm not arguing for or against what Debian did. One thing I can say is their
approach provides an individual VirtualHost file for each domain. It thus
tends to isolate any damage that might be done in editing httpd.conf to a
single domain. It also makes it easy to disable one domain using their
a2dissite utility without any risk of affecting other domains.

Other than that, I honestly don't care. I was actually quite comfortable
with the httpd.conf approach too. I wasted several hours when I first got
involved with Debian trying to figure out exactly how their setup differed. 

Indeed, it was just after I'd gone through the struggle of figuring all that
out and had gotten my 3 test sites working under the Debian paradigm that
another Debian user remarked about my "unusual" directory structure and
expressed the opinion that the entire web structure "should be" owned by
www-data and all sites should be under /var/www. It was at that point that I
began to worry I had somehow misinterpreted Apache and Debian's intent here.


That's what eventually lead to my first post here today.

-----Original Message-----
From: Joseph S D Yao [mailto:jsdy@tux.org] 
Sent: Tuesday, September 02, 2008 2:59 PM
To: Greg Platt - Platt Consultants
Cc: users@httpd.apache.org
Subject: Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data
as www owner?

I have no clue why the Debian Etch distribution is set up as you
describe.

I do remember discussion about the time /var/www was first used, long
ago, about /var always being a read-write file system even if the others
were mounted read-only from some other medium [CD-ROM, NFS, etc.].  This
seemed to be at least part of the motivation.  But I can't speak for
Apache at all.


-- 
/*********************************************************************\
**
** Joe Yao				jsdy@tux.org - Joseph S. D. Yao
**
\*********************************************************************/


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Joseph S D Yao <js...@tux.org>]

I have no clue why the Debian Etch distribution is set up as you
describe.

I do remember discussion about the time /var/www was first used, long
ago, about /var always being a read-write file system even if the others
were mounted read-only from some other medium [CD-ROM, NFS, etc.].  This
seemed to be at least part of the motivation.  But I can't speak for
Apache at all.


-- 
/*********************************************************************\
**
** Joe Yao				jsdy@tux.org - Joseph S. D. Yao
**
\*********************************************************************/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Greg Platt - Platt Consultants <Gr...@ix.netcom.com>]

Your points are all excellent, Justin and very clearly stated too. Frankly,
they're almost exactly the same conclusions I came to on my own. I could see
no reason why Apache should (or would) give a damn about the location of
DocumentRoot or who owns it... ESPECIALLY when they let the user change
DocumentRoot for each virtual host if he wants.

Yet, someone I respect had suggested otherwise and later when I discovered
ISPConfig makes similar assumptions about user and group names and location
for web directories, I thought perhaps I had overlooked something. Thanks
for confirming what I concluded to begin with. It helps me feel I wasn't so
stupid after all. ;)

Also, I want to thank Eric Covener, Jo Yao and Lester Caine who also offered
helpful (and confirming) responses to my question.

Have a GREAT day, guys!

Best Professional Regards,
Greg Platt

-----Original Message-----
From: Justin Pasher [mailto:justinp@newmediagateway.com] 
Sent: Tuesday, September 02, 2008 3:07 PM
To: users@httpd.apache.org
Subject: Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data
as www owner?

Greg Platt - Platt Consultants wrote:
> Yes, I realize the DocumentRoot location can be changed. Indeed I've
already
> changed it with the sites I converted earlier. What I came here hoping to
> find is someone who understands WHY it was changed by Apache to begin with
> and who could explain the implications of changing it in a different
way...
> especially since on Debian I can change it from one virtual host to
another.
> Frankly, I haven't found anything yet that says there were technological
or
> security reasons why Apache made this change. Not even their documentation
> suggests such reasons exist. If the answer is there ARE no specific
reasons
> for the change, I'm inclined to ignore it and go with what I already have
> working. 
>   

In regards strictly to technological or security reason for putting the 
DocumentRoot under /var/www, /home/www, or any other directory you like, 
there are none. The "default" location for this directory is ultimately 
up to the end user. Different Linux distributions will use different 
default directories. It's all a matter of what the file/directory name 
standard is for that distro. The same goes for the user account used to 
run the daemon (www-data for Debian, apache for RedHat based, I believe, 
etc).

The security of the directory is only determined by YOU (i.e. how secure 
you MAKE it). The apache user (whether it be apache, www-data, nobody, 
or any other system user) simply needs execute access on the 
DocumentRoot directory (and all parent directories) and read permission 
on the files it will be serving. The files themselves do not need to be 
owned by the apache user, nor do they need write access, unless you 
specifically want this (e.g. a script that allows the user to upload a 
file and it's stored in a directory under DocumentRoot). In fact, it can 
potentially be a security risk if the files allow the apache user write 
access (what happens if someone hacks a script and it attempts to modify 
a file on the website?).

In general, I find it best to simply follow the naming conventions of 
the distro (you can use symlinks if needed to make it easier for 
transitioning). This allows someone that is familiar with that distro to 
come in and not be surprised by a completely different file structure.


Justin Pasher


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Justin Pasher <ju...@newmediagateway.com>]

Greg Platt - Platt Consultants wrote:
> Yes, I realize the DocumentRoot location can be changed. Indeed I've already
> changed it with the sites I converted earlier. What I came here hoping to
> find is someone who understands WHY it was changed by Apache to begin with
> and who could explain the implications of changing it in a different way...
> especially since on Debian I can change it from one virtual host to another.
> Frankly, I haven't found anything yet that says there were technological or
> security reasons why Apache made this change. Not even their documentation
> suggests such reasons exist. If the answer is there ARE no specific reasons
> for the change, I'm inclined to ignore it and go with what I already have
> working. 
>   

In regards strictly to technological or security reason for putting the 
DocumentRoot under /var/www, /home/www, or any other directory you like, 
there are none. The "default" location for this directory is ultimately 
up to the end user. Different Linux distributions will use different 
default directories. It's all a matter of what the file/directory name 
standard is for that distro. The same goes for the user account used to 
run the daemon (www-data for Debian, apache for RedHat based, I believe, 
etc).

The security of the directory is only determined by YOU (i.e. how secure 
you MAKE it). The apache user (whether it be apache, www-data, nobody, 
or any other system user) simply needs execute access on the 
DocumentRoot directory (and all parent directories) and read permission 
on the files it will be serving. The files themselves do not need to be 
owned by the apache user, nor do they need write access, unless you 
specifically want this (e.g. a script that allows the user to upload a 
file and it's stored in a directory under DocumentRoot). In fact, it can 
potentially be a security risk if the files allow the apache user write 
access (what happens if someone hacks a script and it attempts to modify 
a file on the website?).

In general, I find it best to simply follow the naming conventions of 
the distro (you can use symlinks if needed to make it easier for 
transitioning). This allows someone that is familiar with that distro to 
come in and not be surprised by a completely different file structure.


Justin Pasher

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

RE: [users@httpd] Why do I need /var/www as DocumentRoot & www-data as www owner?

[Greg Platt - Platt Consultants <Gr...@ix.netcom.com>]

Thanks for the reply, Brian. Yes, I think I'm fairly familiar with the role
of httpd.conf. It is for example, where the virtual hosts were defined on
RedHat in my earlier version of Linux. In fact I did have an occasional need
to make changes to that file on my old RedHat implementation of Linux.

Perhaps I didn't explicitly point out in my first post that I'm now running
on a server that features Debian Etch. The httpd.conf file in my current
structure arrived 100% empty. In fact, in their 'infinite wisdom', Debian
developers try to steer users away from httpd.conf entirely. Here's a link
to an article that discusses this:
www.control-escape.com/web/configuring-apache2-debian.html 

Yes, I realize the DocumentRoot location can be changed. Indeed I've already
changed it with the sites I converted earlier. What I came here hoping to
find is someone who understands WHY it was changed by Apache to begin with
and who could explain the implications of changing it in a different way...
especially since on Debian I can change it from one virtual host to another.
Frankly, I haven't found anything yet that says there were technological or
security reasons why Apache made this change. Not even their documentation
suggests such reasons exist. If the answer is there ARE no specific reasons
for the change, I'm inclined to ignore it and go with what I already have
working. 

For the record, I've searched each of the key files in the Debian Apache
Config file structure for the direct counterpart to DocumentRoot. The only
place I find any references to DocumentRoot is in the individual VirtualHost
configuration files I created.  I can't find it anywhere else in Debian's
Apache config structure.

That's part of what leaves me confused. I feel like the Connecticut Yankee
in King Arthur's Court here. It's hard to know for sure when you've just
made a quantum leap across hardware generations, software generations AND
Linux versions just how much of the change you're seeing is  the result of
the work of Apache developers versus the work product of Debian Developers
who thought they knew a "better way". That's as hard as trying to figure out
where the Camel ate his last meal by examining the straw in a dung pile you
stepped in the desert. ;)

After 40 years in the biz, my first motto is "Do no harm." And my second is
"Do your best to try to understand any harm you MIGHT do." That's why I'm
here looking for guidance. 

I agree with you about the need to avoid absolute paths in software setups,
Brian. My sole excuse (and it's a weak one) is often when you buy these
packages they don't offer or suggest pathing alternatives. Instead, they
simply demand "path to sendmail on your server" with (or without) a trailing
slash. Nevertheless, your point is well taken. I promise the next time I run
across the 49 year old version of me dashing up and down the hallways of
time, I'll make it a point to kick his butt for not adequately anticipating
everything that would happen 9 years in the future! 

Thanks again for the reply and suggestions, sir. I sincerely appreciate it! 

-----Original Message-----
From: Brian Mearns [mailto:mearns@bmearns.net] 
Sent: Tuesday, September 02, 2008 1:25 PM
To: gregplatt@ix.netcom.com
Cc: users@httpd.apache.org
Subject: Re: [users@httpd] Why do I need /var/www as DocumentRoot & www-data
as www owner?

Correct me if I'm wrong, but based on the way your message sounds, you
don't appear to have any knowledge of the httpd.conf file? It's the main
configuration file for your server, and it includes a DocumentRoot
directive that allows you to specify the document root. The default may be
/var/www, but you should be able to set it to anything you want. The same
is true for the user and group that apache uses: these can be configured
with the User and Group directives. I personally have no idea about the
security implications of choosing one document root or user/group over
another, but (as I said), it doesn't sound like you realize they can be
changed, so I just wanted to make sure you knew that.

Secondly---and not to be critical, but hopefully constructive---basing
your work on the absolute paths is a common but dangerous mistake. Of
course it's a lot easier but, as you're beginning to see now, it /always/
comes back to bite you in the long run. Not that it does you any good now,
but it's something you'll probably remember in the future.

Best of luck
-Brian



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org