You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@httpd.apache.org by Jochen Kächelin <jk...@linux.amsjk.de> on 2002/09/15 14:56:52 UTC

[users@httpd] file permissions of /etc/httpd/httpd.conf

What should be the file permission of

/etc/httpd/httpd.conf
/etc/httpd/ssl.conf ?


These are my actual settings after a installation from the sources:

-rw-r--r--    1 root     root        34876 Sep 15 14:28 httpd.conf
-rw-r--r--    1 root     root        34876 Sep 15 14:28 httpd.conf.bak
-rw-r--r--    1 root     root        34671 Sep 15 00:03 httpd-std.conf
-rw-r--r--    1 root     root        12959 Sep 14 21:33 magic
-rw-r--r--    1 root     root        12381 Sep 14 21:33 mime.types
-rw-r--r--    1 root     root        11063 Sep 15 00:36 ssl.conf
-rw-r--r--    1 root     root        11082 Sep 15 00:17 ssl.conf.ORIG
drwxr-xr-x    2 root     root         4096 Sep 15 00:25 ssl.crt
drwxr-xr-x    2 root     root         4096 Sep 15 00:16 ssl.key


The machine should be used as a virtual domain webserver!

-- 
Jochen Kaechelin


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Re: [users@httpd] file permissions of /etc/httpd/httpd.conf

Posted by Joshua Slive <jo...@slive.ca>.

Jochen Kächelin wrote:
> What should be the file permission of
> 
> /etc/httpd/httpd.conf
> /etc/httpd/ssl.conf ?
> 
> 
> These are my actual settings after a installation from the sources:
> 
> -rw-r--r--    1 root     root        34876 Sep 15 14:28 httpd.conf

That is fine.  The most important thing is that only root should be able 
to write to this file.  If you have sensitive information in their, then 
you might want to also restrict who can read it, but that is not usually 
necessary.

Joshua.


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org