On 12 Feb 1998, William R. Ward wrote: > One comment about permissions: Web files do *NOT* have to be world > readable. They just have to be readable by the web server. If you > set up a user and group for your web server (I use www for both) you > can get by with just having the files be group-readable by the > webserver's group (and not all the other users on the system).
I missed the beginning of this thread, but why forbid local users from viewing files that you let any user outside of your system view? Most people I know concerned with security in their directories remove the read permissions on directories so anyone can get to the file, but only if they know the name. Note, this isn't a high level of security, just another thing to do. I don't see any reason to add users to more groups. Brandon ----- Brandon Mitchell <[EMAIL PROTECTED]> "We all know linux is great... it PGP: finger -l [EMAIL PROTECTED] does infinite loops in 5 seconds" Phone: (757) 221-4847 --Linus Torvalds -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .
