[arch-general] [arch-dev-public] adding http user/group to filesystems
Jeff Mickey
jeff at archlinux.org
Mon Jun 23 13:39:32 EDT 2008
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Mon, Jun 23, 2008 at 13:14, Arvid Ephraim Picciani wrote:
> that link states exactly the oposit of what you where saing before.
> no user owned files anywhere. all owned by root.
The link states that all the directories should be owned by root, not
the files. Then if httpd is compromised, only the http owned files
are compromised, not the whole directory. (notice they are talking
about /, /usr/bin, etc... things that arch HAS set as owned by root)
The link states that apache's httpd process will drop to the User set
in configuration to serve hits.
To my understanding we're just making an http user for httpd to drop to.
But no, it's cool. Stay trolling. I'm totally more convinced of your
point every time you reply.
// jeff
- --
. : [ + carpe diem totus tuus + ] : .
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)
Comment: http://getfiregpg.org
iEYEARECAAYFAkhf39MACgkQ4SR5wfM7frqZ1ACggjBDsJMrNuP9ALfQyPXPfH4G
+w8An2KWHOtBuoBdrx+104r9PUTSmg9G
=+TDk
-----END PGP SIGNATURE-----
More information about the arch-general
mailing list