Re: [WebDNA] Silly question
This WebDNA talk-list message is from 2009
It keeps the original formatting.
numero = 103222
interpreted = N
texte = Ken, don't you think it is a security risk to add apache to root?Apache would be able to act on any file throughout the system then.For example a malicious script would have root access, could installextra services, etc.BillOn Wed, Aug 12, 2009 at 3:05 PM, Kenneth Grome
wrote:>> Is there an easy way to set file permissions to 777 as>> default for all .db files (in CentOS/Apache)?>>> Assuming you're using a default CentOS 5.3 + WebDNA 6.2> installation and logging in as root to manage your website> files you do NOT have to change any file permissions.>> Here's the easy way to get permissions working properly when> setting up a default CentOS 5.3 + WebDNA 6.2 server:>> 1- Change umask from 022 to 002 in /etc/bashrc> 2- Put user "apache" into the "root" group>> That's all there is to it.>> If you perform these two simple tasks then reboot *before*> you upload any files to the server WebDNA will work correctly> at its default permission settings. =A0You can even make these> changes before installing WebDNA.>> Here's how it works:>> The umask change insures that newly created and uploaded> files can be modified by other users in the same group as the> user who created/uploaded those files. =A0This means (for> example) that when root uploads a file every user in the root> group can modify it -- including user "apache" which you> just put into the root group.>> And since WebDNA is "apache" on a CentOS server this means> WebDNA can modify every file created and uploaded by "root"> -- after you've made those two simple changes above.>> :)>> Sincerely,> Ken Grome>>> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> old archives: http://dev.webdna.us/TalkListArchive/> Bug Reporting: http://forum.webdna.us/eucabb.html?page=3Dtopics&category==3D288>
Associated Messages, from the most recent to the oldest:
Ken, don't you think it is a security risk to add apache to root?Apache would be able to act on any file throughout the system then.For example a malicious script would have root access, could installextra services, etc.BillOn Wed, Aug 12, 2009 at 3:05 PM, Kenneth Grome wrote:>> Is there an easy way to set file permissions to 777 as>> default for all .db files (in CentOS/Apache)?>>> Assuming you're using a default CentOS 5.3 + WebDNA 6.2> installation and logging in as root to manage your website> files you do NOT have to change any file permissions.>> Here's the easy way to get permissions working properly when> setting up a default CentOS 5.3 + WebDNA 6.2 server:>> 1- Change umask from 022 to 002 in /etc/bashrc> 2- Put user "apache" into the "root" group>> That's all there is to it.>> If you perform these two simple tasks then reboot *before*> you upload any files to the server WebDNA will work correctly> at its default permission settings. =A0You can even make these> changes before installing WebDNA.>> Here's how it works:>> The umask change insures that newly created and uploaded> files can be modified by other users in the same group as the> user who created/uploaded those files. =A0This means (for> example) that when root uploads a file every user in the root> group can modify it -- including user "apache" which you> just put into the root group.>> And since WebDNA is "apache" on a CentOS server this means> WebDNA can modify every file created and uploaded by "root"> -- after you've made those two simple changes above.>> :)>> Sincerely,> Ken Grome>>> ---------------------------------------------------------> This message is sent to you because you are subscribed to> the mailing list .> To unsubscribe, E-mail to: > archives: http://mail.webdna.us/list/talk@webdna.us> old archives: http://dev.webdna.us/TalkListArchive/> Bug Reporting: http://forum.webdna.us/eucabb.html?page=3Dtopics&category==3D288>
William DeVaul
DOWNLOAD WEBDNA NOW!
Top Articles:
Talk List
The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...
Related Readings:
[WebDNA] Append speed limits (2008)
More on the email templates (1997)
ReadDateFormat bug in 3.x (1998)
[WebDNA] An unknown error occured // Deadlock avoided (2011)
frames & carts (1997)
Can I invoke an ssi plugin from within a webcat page (1997)
Viewing old carts (was FEW QUESTIONS) (1997)
old cart file deletion (2000)
Date problems-more (1997)
problems with 2 tags shakur (1997)
CVS Files for databases (2000)
Bug? (1997)
more ! testing (1997)
Search Help Please (1998)
Custom WebCat Prefs ... (1997)
The Form authentication trick (2000)
OT: Poll Please (2002)
Newbie trouble with [url] & [foundItems] (2000)
WebCatalog for guestbook ? (1997)
Forcing a NEWCART (1997)