Linux Help
guides forums blogs
Home Desktops Distributions ISO Images Logos Newbies Reviews Software Support & Resources Linuxhelp Wiki

Welcome Guest ( Log In | Register )



Advanced DNS Management
New ZoneEdit. New Managment.

FREE DNS Is Back

Sign Up Now
 
Reply to this topicStart new topic
> Apache 'conf' And 'html' Permissions?
rjb25
post Dec 8 2003, 04:33 PM
Post #1


Whats this Lie-nix Thing?
*

Group: Members
Posts: 2
Joined: 8-December 03
Member No.: 1,923



I am currently running the Apache webserver under Linux RedHat and am relatively new to the whole thing so please bear with me....

I would sincerely appreciate your recommendations as to:

1) Which user/group (e.g. apache) should own the "etc/httpd/conf/" and "var/www/html" folders and sub-contents?
2) What are the appropriate permissions (chmod nnn?) for the named user/group?

If it makes any difference, I am using basic authentication over SSL and all associated certificate/password files are stored in the conf directory.

Thanks in advance.


Rob.
Go to the top of the page
 
+Quote Post
hughesjr
post Dec 9 2003, 08:03 PM
Post #2


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 3,433
Joined: 25-July 03
From: Corpus Chrsiti, TX, USA
Member No.: 1,151



JOEY would be much better at this one...but my install (on a test box) is:

ls -al /etc/httpd | grep conf
drwxr-xr-x 2 root root 4096 Dec 9 18:55 conf

and

ls -al /var/www | grep html
drwxr-xr-x 2 root root 4096 Nov 26 06:32 html

And inside each:

conf:
-rw-r--r-- 1 root root 29914 Nov 26 07:07 httpd.conf
-rw-r--r-- 1 root root 30572 Nov 26 06:41 httpd.conf.bak
-rw-r--r-- 1 root root 12959 Jul 31 10:40 magic

html
-rw-r--r-- 1 root root 117 Nov 26 06:32 index.html
---------------------
The directory /etc/httpd/conf is not accesable via the website ... the /var/www/html is...

I would think the owner doesn't matter....just so long as nobody (or apache ... and their group) has read only access, since one of those users is normally the httpd process owner.


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
Go to the top of the page
 
+Quote Post
rjb25
post Dec 9 2003, 09:33 PM
Post #3


Whats this Lie-nix Thing?
*

Group: Members
Posts: 2
Joined: 8-December 03
Member No.: 1,923



Thanks for your response.

Interesting, since my conclusions (see other posting) are a bit different (probably wrong?)

If you have any further thoughts, let me know.


Regards,


Rob.
Go to the top of the page
 
+Quote Post
hughesjr
post Dec 9 2003, 10:15 PM
Post #4


Its GNU/Linuxhelp.net
*******

Group: Admin
Posts: 3,433
Joined: 25-July 03
From: Corpus Chrsiti, TX, USA
Member No.: 1,151



Well ... your permissions are OK ... (and maybe better ...certianly more secure).

as long as the directories are at least r-x and the files are r-- for the apache:apache user then it isn't an issue ... what you don't want is a rw on ethier the directories or files for apache:apache.

so owned by root:root with 755 on the directories and 644 on the files is OK and owned by apache:apache 500 directories ... 400 files is ok as well.

It makes no real difference unless someone obtains access to the machine ... and they can't change anything unless they get root ... and if they get root (and if they care to change any files) all they have to do is change the permissions and owner...


--------------------
Johnny Hughes
hughesjr@linuxhelp.net
Enterprise Alternatives: CentOS, WhiteBoxEL
Favorite Workstation Distros (in order): CentOS, Gentoo, Debian Sarge, Ubuntu, Mandrake, FedoraCore, Slackware, SUSE
Favorite Server Distros (in order): CentOS, WhiteBoxEL, Debian Sarge, Slackware, Mandrake, FedoraCore, Gentoo, SUSE
Go to the top of the page
 
+Quote Post

Reply to this topicStart new topic
1 User(s) are reading this topic (1 Guests and 0 Anonymous Users)
0 Members:

 



RSS Lo-Fi Version Time is now: 10th December 2017 - 11:09 PM