Allegedly, on or about 19 June 2013, Anthony sent: > In my case, it looked like root was one of the owners of the directory > but apache wasn't.
That's the usual approach. It means that, by default, nobody can mess with your webserver files (local users, nor strangers over the WWW), unless they have significant privileges to either log-in differently, or to change the directory structure to something else. > In the meantime, I'm assuming simply taking ownership of the directory > shouldn't open any security holes, right? Nothing springs to mind, so long as you keep your own account safe and secure. On a computer either owned by one person, or a webservice managed by one person, common simple solutions are to change ownership, or group-ownership of the files to the account of the person being webmaster. Or one could set up a new webmaster user account, and use that separately from their own account. On my computer, that I use a test bed for websites, I left the /var/www/html/ as default, and set up new directory paths for virtual hosts (for each domain name that I set up a test website), and I own the directories and files in those different locations. Any connections to the webserver using the wrong address, or just the IP, get the default website, which works as an error page. e.g. If you ran WWW sites www.example.com and www.example.net, you might run local test sites from /var/www/example.com/ /var/www/example.net/, with configuration files that associated the website address with those separate directories. Of course, if you use SELinux, you need to check on the contexts being applied. And any that are re-applied, if you do a default relabel. -- [tim@localhost ~]$ uname -rsvp Linux 3.8.13-100.fc17.x86_64 #1 SMP Mon May 13 13:36:17 UTC 2013 x86_64 All mail to my mailbox is automatically deleted, there is no point trying to privately email me, I will only read messages posted to the public lists. George Orwell's '1984' was supposed to be a warning against tyranny, not a set of instructions for supposedly democratic governments. -- users mailing list users@lists.fedoraproject.org To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
