Re: [WebDNA] Silly question

This WebDNA talk-list message is from

2009


It keeps the original formatting.
numero = 103222
interpreted = N
texte = Ken, don't you think it is a security risk to add apache to root? Apache would be able to act on any file throughout the system then. For example a malicious script would have root access, could install extra services, etc. Bill On Wed, Aug 12, 2009 at 3:05 PM, Kenneth Grome wrote: >> Is there an easy way to set file permissions to 777 as >> default for all .db files (in CentOS/Apache)? > > > Assuming you're using a default CentOS 5.3 + WebDNA 6.2 > installation and logging in as root to manage your website > files you do NOT have to change any file permissions. > > Here's the easy way to get permissions working properly when > setting up a default CentOS 5.3 + WebDNA 6.2 server: > > 1- Change umask from 022 to 002 in /etc/bashrc > 2- Put user "apache" into the "root" group > > That's all there is to it. > > If you perform these two simple tasks then reboot *before* > you upload any files to the server WebDNA will work correctly > at its default permission settings. =A0You can even make these > changes before installing WebDNA. > > Here's how it works: > > The umask change insures that newly created and uploaded > files can be modified by other users in the same group as the > user who created/uploaded those files. =A0This means (for > example) that when root uploads a file every user in the root > group can modify it -- including user "apache" which you > just put into the root group. > > And since WebDNA is "apache" on a CentOS server this means > WebDNA can modify every file created and uploaded by "root" > -- after you've made those two simple changes above. > > :) > > Sincerely, > Ken Grome > > > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > old archives: http://dev.webdna.us/TalkListArchive/ > Bug Reporting: http://forum.webdna.us/eucabb.html?page=3Dtopics&category= =3D288 > Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Silly question (Stuart Tremain 2016)
  2. Re: [WebDNA] Silly question (christophe.billiottet@webdna.us 2016)
  3. [WebDNA] Silly question (Steve Craig 2016)
  4. Re: [WebDNA] Silly question (Kenneth Grome 2009)
  5. Re: [WebDNA] Silly question (William DeVaul 2009)
  6. Re: [WebDNA] Silly question (Kenneth Grome 2009)
  7. Re: [WebDNA] Silly question (William DeVaul 2009)
  8. Re: [WebDNA] Silly question (Marc Thompson 2009)
  9. Re: [WebDNA] Silly question (Frank Nordberg 2009)
  10. Re: [WebDNA] Silly question (Terry Wilson 2009)
  11. Re: [WebDNA] Silly question (John Butler 2009)
  12. Re: [WebDNA] Silly question (Kenneth Grome 2009)
  13. Re: [WebDNA] Silly question (Terry Wilson 2009)
  14. Re: [WebDNA] Silly question (Bob Minor 2009)
  15. [WebDNA] Silly question (Frank Nordberg 2009)
Ken, don't you think it is a security risk to add apache to root? Apache would be able to act on any file throughout the system then. For example a malicious script would have root access, could install extra services, etc. Bill On Wed, Aug 12, 2009 at 3:05 PM, Kenneth Grome wrote: >> Is there an easy way to set file permissions to 777 as >> default for all .db files (in CentOS/Apache)? > > > Assuming you're using a default CentOS 5.3 + WebDNA 6.2 > installation and logging in as root to manage your website > files you do NOT have to change any file permissions. > > Here's the easy way to get permissions working properly when > setting up a default CentOS 5.3 + WebDNA 6.2 server: > > 1- Change umask from 022 to 002 in /etc/bashrc > 2- Put user "apache" into the "root" group > > That's all there is to it. > > If you perform these two simple tasks then reboot *before* > you upload any files to the server WebDNA will work correctly > at its default permission settings. =A0You can even make these > changes before installing WebDNA. > > Here's how it works: > > The umask change insures that newly created and uploaded > files can be modified by other users in the same group as the > user who created/uploaded those files. =A0This means (for > example) that when root uploads a file every user in the root > group can modify it -- including user "apache" which you > just put into the root group. > > And since WebDNA is "apache" on a CentOS server this means > WebDNA can modify every file created and uploaded by "root" > -- after you've made those two simple changes above. > > :) > > Sincerely, > Ken Grome > > > --------------------------------------------------------- > This message is sent to you because you are subscribed to > the mailing list . > To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us > old archives: http://dev.webdna.us/TalkListArchive/ > Bug Reporting: http://forum.webdna.us/eucabb.html?page=3Dtopics&category= =3D288 > William DeVaul

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

[WebDNA] Append speed limits (2008) More on the email templates (1997) ReadDateFormat bug in 3.x (1998) [WebDNA] An unknown error occured // Deadlock avoided (2011) frames & carts (1997) Can I invoke an ssi plugin from within a webcat page (1997) Viewing old carts (was FEW QUESTIONS) (1997) old cart file deletion (2000) Date problems-more (1997) problems with 2 tags shakur (1997) CVS Files for databases (2000) Bug? (1997) more ! testing (1997) Search Help Please (1998) Custom WebCat Prefs ... (1997) The Form authentication trick (2000) OT: Poll Please (2002) Newbie trouble with [url] & [foundItems] (2000) WebCatalog for guestbook ? (1997) Forcing a NEWCART (1997)