On Fri, Jun 14, 2019 at 08:46:51AM -0400, Greg Wooledge wrote: > On Thu, Jun 13, 2019 at 06:11:03PM -0400, Gene Heskett wrote: > > looks good, but the problem is, only gene=user 1000 has any rights to > > follow that path, so this access must be done as gene, not the default > > www-data:www-data, or even as the parent session of apache2.. > > So change the ownership/permissions on the content. To serve it up > from a web server, you need to make it world-readable. This means that > directories require the x bit, and files require the r bit, for the > "other" (right-most characters in ls -l output, least significant bits > in the octal mode).
Perhaps group readable (074x, x being usually 0) and setting the file's group would suffice? That's my standard setup: the files belong to a "www admin" (can be a regular user, can be root) and have the group www-data. So the web server hasn't (usually) write access to normal htmls and cgi-bins (oh, for the last, execute access for the group is necessary, so 075x. Better safe than... Cheers -- t
signature.asc
Description: Digital signature
