Re: [WebDNA] Silly question

This WebDNA talk-list message is from

2009


It keeps the original formatting.
numero = 103223
interpreted = N
texte = > Ken, don't you think it is a security risk to > add apache to root? It's never been an issue for me, but I'm the only one with admin access to the server so maybe it's not the best solution for folks with more complicated requirements. > Apache would be able to act on any file > throughout the system then. No it won't. Files owned by root before before the umask change cannot be modified by apache because they still have their original permissions. Umask only determined the permissions on new files. Any files that were secure before the umask change are still going to be secure after the change. If you'd rather not trust apache with root access you can always create a new xxx account, then add apache to the xxx group. Then change some folder permissions and/or change apache's default folder so both xxx and apache can access the files you need to work on. It's more work this way but it's possible, right? :) Sincerely, Ken Grome Associated Messages, from the most recent to the oldest:

    
  1. Re: [WebDNA] Silly question (Stuart Tremain 2016)
  2. Re: [WebDNA] Silly question (christophe.billiottet@webdna.us 2016)
  3. [WebDNA] Silly question (Steve Craig 2016)
  4. Re: [WebDNA] Silly question (Kenneth Grome 2009)
  5. Re: [WebDNA] Silly question (William DeVaul 2009)
  6. Re: [WebDNA] Silly question (Kenneth Grome 2009)
  7. Re: [WebDNA] Silly question (William DeVaul 2009)
  8. Re: [WebDNA] Silly question (Marc Thompson 2009)
  9. Re: [WebDNA] Silly question (Frank Nordberg 2009)
  10. Re: [WebDNA] Silly question (Terry Wilson 2009)
  11. Re: [WebDNA] Silly question (John Butler 2009)
  12. Re: [WebDNA] Silly question (Kenneth Grome 2009)
  13. Re: [WebDNA] Silly question (Terry Wilson 2009)
  14. Re: [WebDNA] Silly question (Bob Minor 2009)
  15. [WebDNA] Silly question (Frank Nordberg 2009)
> Ken, don't you think it is a security risk to > add apache to root? It's never been an issue for me, but I'm the only one with admin access to the server so maybe it's not the best solution for folks with more complicated requirements. > Apache would be able to act on any file > throughout the system then. No it won't. Files owned by root before before the umask change cannot be modified by apache because they still have their original permissions. Umask only determined the permissions on new files. Any files that were secure before the umask change are still going to be secure after the change. If you'd rather not trust apache with root access you can always create a new xxx account, then add apache to the xxx group. Then change some folder permissions and/or change apache's default folder so both xxx and apache can access the files you need to work on. It's more work this way but it's possible, right? :) Sincerely, Ken Grome Kenneth Grome

DOWNLOAD WEBDNA NOW!

Top Articles:

Talk List

The WebDNA community talk-list is the best place to get some help: several hundred extremely proficient programmers with an excellent knowledge of WebDNA and an excellent spirit will deliver all the tips and tricks you can imagine...

Related Readings:

foreign languages, email, webcat (1998) [OT] Invoking a MP3 Download (2004) Sendmail problem on UNIX (2000) [dos] command (1997) Why do extra quotation marks sometimes appear in my databases? (1998) getting images' width/height (1998) upgrading (1997) Uh...can someone help me out with the b10? (1997) Execute Applescript (1997) Shell Script needed (2003) Click-through/Referral tracking solution needed (2000) Building Calendars (1997) WildWEBCAT98 Winners! (1999) Multiple Hideif peramiters (2001) bad idea to not use any html files, only .tpl files? (1999) page redirect in webDNA (1997) Weird problems with [SHOWIF]s (1997) customizing the color of user's pages (1997) WordBreak Qestion (1998) Custom formulas.db (1998)