You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by ar...@cosmic.net.au on 2002/02/27 05:22:14 UTC
Re: SUEXEC/Virtual host configuration
Hi,
When using SUEXEC..
I was wondering what would be best for the
user/group directives?
Eg
would it be best to have
user username
group username(yes each user has its own group)
or
user username
group groupforusers(one group for all users)
Im tending to lean towards the first since I cant see the point in allow a
group of users permissions to a directory?
Also to confirm are the permissions rwxr-x--- ok on the virthost
root directory & cgi bin?
It seems wrong to to give the user w permission, doesnt this allow them to
write into the directory as the suexec username? therefore adding their
own code is possible via the webbrowser?
Thanks
Dave
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: SUEXEC/Virtual host configuration
Posted by Carlos Costa Portela <cc...@servidores.net>.
On Wed, 27 Feb 2002 arrchie@cosmic.net.au wrote:
> Eg
> would it be best to have
> user username
> group username(yes each user has its own group)
>
> or
>
> user username
> group groupforusers(one group for all users)
The second one (a common group for all users) has more sense to
me, since you can specify some actions just for 'apache-users' in your
machine. For example, permission to write in the logs directory.
Best regards,
Carlos.
[ Learn about Web and Apache at http://www.improveyourweb.com ]
_______Carlos Costa Portela_________________________________________________
| e-mail: ccosta@servidores.net | home page: http://casa.ccp.servidores.net |
|_____Tódalas persoas maiores foron nenos antes, pero poucas se lembran______|
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org