On 09/17/2013 07:44 AM, Matthew J. Roth issued this missive:
Rick Stevens wrote:
Both trees (the ServerRoot and all of the DocumentRoots) have to be
readable by the user that Apache runs as. Absolutely NO part of the
ServerRoot should be _writable_ by the Apache user. It should only be
writabl
Rick Stevens wrote:
>
>
> Both trees (the ServerRoot and all of the DocumentRoots) have to be
> readable by the user that Apache runs as. Absolutely NO part of the
> ServerRoot should be _writable_ by the Apache user. It should only be
> writable by administrative personnel (root, people in the "
On Tue, 2013-09-17 at 10:15 +1000, Roger wrote:
> I don't grasp the significance of a directory called /html or /better
> or /someothername except that httpd.conf refers to /html. It could
> equally refer to /someothername with the same vulnerability.
Undiplomatic blunt mode - the point would be o
On Tue, 2013-09-17 at 10:15 +1000, Roger wrote:
> The server has public_html as a link to /var/www so I'm guessing it is
> really renaming /var/www to public_html if that makes sence.
> This begs a question, Is linking in this way more secure than actually
> using the /var/www/html.
That linking i
I solved it by:
cd /var/www/html
sudo mkdir tester
Ugh... Make special areas (whether they be virtual hosts, or writable
areas, etc.) outside of the tree. By way of example, you don't want
someone to be able to navigate into a virtual host by simply appending
the directory name to the end of s
On 09/16/2013 04:44 PM, Roger issued this missive:
On 09/16/2013 11:08 PM, Tim wrote:
On Sun, 2013-09-15 at 21:37 +1000, Roger wrote:
I solved it by:
cd /var/www/html
sudo mkdir tester
Ugh... Make special areas (whether they be virtual hosts, or writable
areas, etc.) outside of the tree. By
On 09/16/2013 11:08 PM, Tim wrote:
On Sun, 2013-09-15 at 21:37 +1000, Roger wrote:
I solved it by:
cd /var/www/html
sudo mkdir tester
Ugh... Make special areas (whether they be virtual hosts, or writable
areas, etc.) outside of the tree. By way of example, you don't want
someone to be able to
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
On 09/13/2013 11:28 AM, Martin S wrote:
> On Friday, September 13, 2013 08:18:03 PM Roger wrote:
>
> Yes, to use localhost an username it has to be the username to use
> localhost as root then root is ok. That's why I suggested chown
> root:username s
On Sun, 2013-09-15 at 21:37 +1000, Roger wrote:
> I solved it by:
> cd /var/www/html
> sudo mkdir tester
Ugh... Make special areas (whether they be virtual hosts, or writable
areas, etc.) outside of the tree. By way of example, you don't want
someone to be able to navigate into a virtual host by
On 09/15/2013 11:44 PM, Reindl Harald wrote:
Am 15.09.2013 15:36, schrieb Martin S:
On Sunday, September 15, 2013 09:37:42 PM Roger wrote:
Yes also my experience.
I tried setting up VirtualHost but that also failed.
I solved it by:
cd /var/www/html
sudo mkdir tester
chmod 766 tester
chown
Am 15.09.2013 13:37, schrieb Roger:
> I tried setting up VirtualHost but that also failed
*what* exactly failed?
you need a dns-record or a entry in /etc/hosts for a named virtual host
only define it in the webserver config does not help much
you need to understand the whole concept how a serv
Am 15.09.2013 15:36, schrieb Martin S:
> On Sunday, September 15, 2013 09:37:42 PM Roger wrote:
>> Yes also my experience.
>> I tried setting up VirtualHost but that also failed.
>> I solved it by:
>> cd /var/www/html
>> sudo mkdir tester
>> chmod 766 tester
>> chown user:user tester
>> then
I understand what you're saying and think that Tim's statements may just be
> confusing. Hopefully, he'll reply and clarify his meaning.
>
> Thanks,
>
> Matt
>
> - Original Message -
> From: "Reindl Harald"
> To: "Matthew J.
Am 14.09.2013 21:42, schrieb Matthew J. Roth:
> Reindl Harald wrote:
>>
>> it's not a matter of the distribution set permissions wise and only
>> allow the apache user write access where it is really needed
>>
>> teh document root is *not* such a place
>> temp/cache folders of a web-application a
Am 14.09.2013 20:51, schrieb Matthew J. Roth:
> Please ignore my first reply. I accidentally hit 'Send' before it was
> complete.
i am not that slow in answers, too late
however, it will take days until my posts reach the list
due the holy grail of moderation.
>> www-data is *deb
Am 14.09.2013 20:40, schrieb Matthew J. Roth:
> Reindl Harald wrote:
>>
>> www-data is *debian* because on Redhat the user/groups is named "apache"
>> if you use google add your distribution to the search string!
>
> Please explain how the specific user Apache is running as is relevant
"chown w
Am 14.09.2013 19:10, schrieb Matthew J. Roth:
> Please share some acceptable methods of allowing Apache to write files within
> DocumentRoot. Searching Google for "Apache write within DocumentRoot" yields
> a
> lot of results that recommend giving Apache write access. For example, the
> canoni
On Sunday, September 15, 2013 09:37:42 PM Roger wrote:
> On 09/15/2013 07:40 PM, Martin S wrote:
> >> An answer to this may also solve the original poster's Joolma
> >> installation situation.
> >
> > I've tried installing joomla in my own directory and pointing documentroot
> > to that, but it s
On 09/15/2013 07:40 PM, Martin S wrote:
On Sunday, September 15, 2013 11:18:51 AM Roger wrote:
Ok I've been doing some experimenting with set up Drupalwise,
If I download the file to /Downloads, cd /user then mkdir drupal,
extract from /Downloads to /user/drupal/ all as user, I get correct
own
On Sunday, September 15, 2013 11:18:51 AM Roger wrote:
> Ok I've been doing some experimenting with set up Drupalwise,
>
> If I download the file to /Downloads, cd /user then mkdir drupal,
> extract from /Downloads to /user/drupal/ all as user, I get correct
> ownerships and permissions.
> Then s
Ok I've been doing some experimenting with set up Drupalwise,
If I download the file to /Downloads, cd /user then mkdir drupal,
extract from /Downloads to /user/drupal/ all as user, I get correct
ownerships and permissions.
Then sudo cp -R drupal-7.23 to /var/www/html/ it retains user defaults
On 09/14/2013 10:51 PM, Tim wrote:
Allegedly, on or about 14 September 2013, Roger sent:
There is some belief that /var/www/html is sacrosanct.
More to the point is that you don't let a world-accessible server have
write access to files, willy-nilly. Likewise if it's not actually
"world" acces
Reindl Harald wrote:
>
> it's not a matter of the distribution set permissions wise and only
> allow the apache user write access where it is really needed
>
> teh document root is *not* such a place
> temp/cache folders of a web-application are
For clarification, can the temp/cache folders be s
Please ignore my first reply. I accidentally hit 'Send' before it was complete.
Reindl Harald wrote:
>
> www-data is *debian* because on Redhat the user/groups is named "apache"
> if you use google add your distribution to the search string!
Please explain how the specific user Apache is runnin
Reindl Harald wrote:
>
> www-data is *debian* because on Redhat the user/groups is named "apache"
> if you use google add your distribution to the search string!
Please explain how the specific user Apache is running as is relevant. Is it
only an indicator of the distribution the example is base
Tim wrote:
>
> You should NOT change ownership of /var/www/http to Apache, never do
> that. That's a VERY BAD THING!! Anyone who advises you to do that
> is not to be trusted (whether it's because they're being malicious, or
> simply that they don't know what they're talking about). That al
Allegedly, on or about 14 September 2013, Roger sent:
> There is some belief that /var/www/html is sacrosanct.
More to the point is that you don't let a world-accessible server have
write access to files, willy-nilly. Likewise if it's not actually
"world" accessible, but still widely accessible w
Please set up permission to apache user, probably it will be chmod
apache:apache /var/www/http
You should NOT change ownership of /var/www/http to Apache, never do
that. That's a VERY BAD THING!! Anyone who advises you to do that
is not to be trusted (whether it's because they're being
On Friday, September 13, 2013 08:18:03 PM Roger wrote:
Yes, to use localhost an username it has to be the usernameto use localhost as
root
then root is ok.That's why I suggested chown root:username so both owner and
group
have ownership.Roger
I belive I changed it to that, I'll check when I
Allegedly, on or about 13 September 2013, Karol sent:
> Please set up permission to apache user, probably it will be chmod
> apache:apache /var/www/http
You should NOT change ownership of /var/www/http to Apache, never do
that. That's a VERY BAD THING!! Anyone who advises you to do that
is n
Yes, to use localhost an username it has to be the username
to use localhost as root then root is ok.
That's why I suggested chown root:username so both owner and group have
ownership.
Roger
I belive I changed it to that, I'll check when I'm home.
I noticed that the owner after default install
I belive I changed it to that, I'll check when I'm home.
I noticed that the owner after default install is root:root is there a
reason for this if that's not correct?
2013/9/13 Karol
> Please set up permission to apache user, probably it will be chmod
> apache:apache /var/www/http
>
> Sent from
Please set up permission to apache user, probably it will be chmod
apache:apache /var/www/http
Sent from my iPhone
> On 13 Sep 2013, at 08:50 am, Martin S wrote:
>
> Aye should have mentioned I've tried the solution that is given in the SEL
> popup, but doesn't help.
> I'll try to change the
Aye should have mentioned I've tried the solution that is given in the SEL
popup, but doesn't help.
I'll try to change the permissions as in your suggestion when I have access
to the computer again.
I've tried both Drupal and Joomla and each has it's merits - to each their
own =)
2013/9/13 Roger
I'm trying to set up Joomla on my laptop to play around with a site I'm
planning. However SELinux seems to block write access for the
installation routine to the direcotry /var/www/html and none of the
solutions I've found by googling to allow SELinux httpd write access
seems to work (install
It's a default installation of AMP on Fedora.
So the user you are refering to is? Apache?
2013/9/13 Karol
> Did you gave write, and read access to user?
>
> Sent from my iPhone
>
> > On 13 Sep 2013, at 06:54 am, Martin S wrote:
> >
> > I'm trying to set up Joomla on my laptop to play around wi
Did you gave write, and read access to user?
Sent from my iPhone
> On 13 Sep 2013, at 06:54 am, Martin S wrote:
>
> I'm trying to set up Joomla on my laptop to play around with a site I'm
> planning. However SELinux seems to block write access for the installation
> routine to the direcotry
37 matches
Mail list logo
