In article <[EMAIL PROTECTED]>,
Brandon Mitchell <[EMAIL PROTECTED]> writes:
> On 12 Feb 1998, William R. Ward wrote:
>> One comment about permissions: Web files do *NOT* have to be world
>> readable.  They just have to be readable by the web server.  If you
>> set up a user and group for your web server (I use www for both) you
>> can get by with just having the files be group-readable by the
>> webserver's group (and not all the other users on the system).
> I missed the beginning of this thread, but why forbid local users from
> viewing files that you let any user outside of your system view?  Most
> people I know concerned with security in their directories remove the read
> permissions on directories so anyone can get to the file, but only if they
> know the name.  Note, this isn't a high level of security, just another
> thing to do.  I don't see any reason to add users to more groups.

You might have a .htaccess file that limits access to a smaller group
of people.  I do this in my own web pages - I have a subdirectory with
limited access so I have to enter a password to get at the documents
there.  That directory is mode 750 with the group being "www" - and
other users are *not* in the group www (that's the whole point).

--Bill.

--
William R Ward          Bay View Consulting   http://www.bayview.com/~hermit/
[EMAIL PROTECTED]       1803 Mission St. #339        voicemail +1 408/479-4072
[EMAIL PROTECTED]       Santa Cruz CA 95060 USA          pager +1 408/458-8862
PGP Key 0x2BD331E5; Public key at http://www.bayview.com/~hermit/pubkey.txt
-----------------------------------------------------------------------------
"The government of the United States of America is not in any sense founded
upon the Christian Religion."  - John Adams
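An added example, not part of the original post: a small audit of the scheme described above, where a password-protected directory is readable by the web server's group and closed to every other local user. The function name, finding strings and the sample tree are assumptions made for illustration; on a real host the group id would be that of the "www" group.

```python
import os
import stat
import tempfile


def audit_docroot(root, web_gid):
    """Return (path, problem) pairs for entries that break the scheme:
    group = web server's group, group can read, no access for 'other'."""
    paths = [root]
    for dirpath, dirnames, filenames in os.walk(root):
        paths += [os.path.join(dirpath, n) for n in dirnames + filenames]

    findings = []
    for path in paths:
        st = os.lstat(path)
        if stat.S_ISLNK(st.st_mode):
            continue  # a symlink's own mode bits are not what gets enforced
        if st.st_mode & stat.S_IRWXO:
            # Any r/w/x bit for 'other' lets local users bypass .htaccess
            findings.append((path, "other users have access"))
        if st.st_gid != web_gid:
            findings.append((path, "group is not the web server's group"))
        # Directories need group search (x); files need group read (r)
        needed = stat.S_IXGRP if stat.S_ISDIR(st.st_mode) else stat.S_IRGRP
        if not st.st_mode & needed:
            findings.append((path, "web server's group cannot read it"))
    return findings


if __name__ == "__main__":
    # Constructed sample tree; the current process's group stands in for "www".
    root = tempfile.mkdtemp()
    os.chmod(root, 0o750)
    for name, mode in (("members.html", 0o640), ("leak.html", 0o644)):
        path = os.path.join(root, name)
        open(path, "w").close()
        os.chmod(path, mode)
    for path, problem in audit_docroot(root, os.stat(root).st_gid):
        print(f"{path}: {problem}")
```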