On 12/24/2013 10:37 AM, Raffaele Morelli wrote:
<snip>
Are u kidding? Apache writes and creates everything you want if
directory/files permissions are designed for and that is what you want.
Incorrect. Apache writes or creates NOTHING. The web server user can
create and write files from a script, but it is not Apache doing it.
I agree with the others. User-created files should never be owned by
root. On my servers, files are owned by the person doing the uploading
(which is NOT www-data) and are accessed read-only by group permissions
(with www-data being a member of the group).
On local systems, files are owned by the user creating the files (again,
not www-data), and accessed via the group.
Having user files owned by root means they can only be edited by root
(unless you extend the group permissions - in which case www-data can
also change the permissions). And you should only use root when you
need to change system configurations, update packages, etc. Not for
general user file editing.
Jerry
--
To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
Archive: http://lists.debian.org/52b9bd2e.10...@attglobal.net
