2013-12-31 09:01 keltezéssel, Raffaele Morelli írta: > Jerry Stuckle wrote: > > Raffaele Morelli wrote: > > > Again, the www-data user can safely be the owner of everything > in the > > > webroot, just think of phpmyadmin, there's nothing unsafe in > www-data > > The default for phpmyadmin is that the files are owned by root not > www-data. If they were owned by www-data then they would be unsafe. > (If, and this is a hypothetical if, you told me the files were owned > by a special phpmyadmin-data account, then I would say okay too. > Because that is a different user from the www-data user.) > > > phpmyadmin files can be safely owned by www-data with NO write > permissions and you should explain why they are not.
If there is no write permission for www-data user (which of course should be provided) than there is no reason to be the files in www-data ownership. The one thing you should provide that these files shouldn't be written by www-data user (and the group which it belongs to). And the simplest way to provide it is to change the ownership of the whole directory tree to a user which is not www-data. (e.g with a chown -R ....) Of course there can be other solutions too but they are more complicated. And if you can choose between different solutions the simpler is the better. -- --- Friczy --- 'Death is not a bug, it's a feature' -- To UNSUBSCRIBE, email to debian-user-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org Archive: http://lists.debian.org/52c2d4fd.7010...@freemail.hu
