Le tridi 3 nivôse, an CCXXV, Xen a écrit : > I think my point was more that I didn't know how to chgrp, but I found I > needed to add myself to www-data first before I could chgrp to it.
Just a basic sanity check: If your web server is running as www-data, then it is better if the files do NOT belong to that user and/or group. For the group, it does not matter much, but for the user it is very important. Most importantly, the web server must not have write access to the files it serves. Some web applications need write access, of course, but they should get write access ONLY to the files and directories they need, NEVER the program files. And the web server must be configured to never execute anything from these directories, if they are served. For example, if your application is making photo albums, it needs write access to the directory where it stores the photos, but only that, and all ScriptAlias or equivalent must be disabled for that directory. Regards, -- Nicolas George
signature.asc
Description: Digital signature
