Jerry Stuckle wrote: > Bob Proulx wrote: > > Jerry Stuckle wrote: > > > Ownership of the directory is root:root, but the scripts should > > > *never* be owned by root:root. > > > > Uhmm... No. There is no problem whatsoever with php files being > > owned by root:root. Why do you think it is a problem? > > For them to be owned by root:root, they either needed to be created > by root or chown'd by root. Neither of which is recommended for > user files.
Okay. I see what you are thinking you are saying. You don't want to encourage users to use root if it isn't needed. That is laudable. I agree with it. Up to the point that a person needs to be root for a system administration task. Then they need root and that is okay too. So what about this case then? # apt-get install phpmyadmin $ ls -ld /usr/share/phpmyadmin/main.php -rw-r--r-- 1 root root 15962 Aug 12 2012 /usr/share/phpmyadmin/main.php The php scripts are owned by root:root. Nothing wrong with it. This is all as expected. I see that you added the qualifier "user files". Okay. But before this point we weren't talking about user files. Up until then we were just talking about php files generically. Not fair changing the playing field part way through the game. But back to the part about php owner:group... Personally I usually make a "/var/www/rwp" subdirectory and chown it to rwp:rwp for my use and I play and develop there. Or its my laptop and so I take over /var/www directly for my own play. On a production machine I usually set DocumentRoot to /srv/www or /srv/www/www.example.com in a virtual host environment, or other scheme, to keep things organized. I often set them to their own lvm partition to keep them contained. And there I would set it up for an appropriate (not-me) pseudo-user that would be shared with other members of the release team. Every project has its own pseudo-user to hold that project's production files. Among other things this keeps cross-talk between the projects separated. Bob "Never say never."
signature.asc
Description: Digital signature
