Hi Mark, > The First one is to create a user web2py and make it a member of www-data. > And put the application in the home folder which will work.
No, that would not work at all. Applications are not allowed to install anything under /home. In fact, the whole /home directory does not have to exist on a debian system (although it does exist on most of them). > The second solution > With symlinks (see mail history) > + multi-user and protected by file system > - possible securite leaks through web2py application data (Massimo?) > + easy to update through apt That sounds feasible, but only for those cases where the users start their own applications from their home directories. > The read only problem could be fixed with the Group rights. > We could grant the www-data only write rights, I'm afraid that would not work either. First of all, it violates the packaging guidelines, so this package would never be accepted in Debian. There is a reason for those guidelines - the /usr directory might be mounted via NFS in a readonly mode, so that even the local root user is not allowed to write into it. I'm sorry, but I don't see any other way forward rather than to do a clean separation between the code and the runtime data. Regards, Dima. -- You received this message because you are subscribed to the Google Groups "web2py-users" group. To post to this group, send email to web...@googlegroups.com. To unsubscribe from this group, send email to web2py+unsubscr...@googlegroups.com. For more options, visit this group at http://groups.google.com/group/web2py?hl=en.
