permissions for logs

[Paul Stephenson <PS...@ficgroup.com>]

Hello, easy question here.  If I have my user:group set in httpd.conf to
be www for user and www for group, what permissions do the logs need to
have.  Do they have to be writeable by www or does the original thread
running as root take care of it?

Paul Stephenson
Supervisor PC Support
Network and Systems Administrator



---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: permissions for logs

[Joshua Slive <jo...@slive.ca>]

On Fri, 7 Jun 2002, Paul Stephenson wrote:

> Hello, easy question here.  If I have my user:group set in httpd.conf to
> be www for user and www for group, what permissions do the logs need to
> have.  Do they have to be writeable by www or does the original thread
> running as root take care of it?

Neither the log directory, nor any parent directory of the log directory,
should be writable by anyone except the user that starts the server
(usually root).  The log files are opened by the parent process before
forking the children, so the User/Group setting does not affect them.
The log files themselves are created by the server, subject to the
server's umask.


See:
http://httpd.apache.org/docs/misc/security_tips.html


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org