Re: Permission Help(deny others, allow group & Apache+Samba)

---

• From: Anthony Hawkes <ahawkes@xxxxxxxxxxxxxxxxxx>
• Date: Fri, 18 Aug 2006 15:09:34 +0800

---

Anthony Hawkes wrote:

Roberto C. Sanchez wrote:

On Thu, Aug 17, 2006 at 03:10:05PM +0100, Jon Dowland wrote:

At 1155837967 past the epoch, Anthony Hawkes wrote:

I am not sure which users to add to group folder and what
to modify to fix this problem up, I have googled my heart
out and cannot figure this out can anyone give me some
ideas

Apache2 runs as "www-data"; you would have to add www-data
to the group which has access to this folder and restart
apache. Note however that this means any script on the
server that has a flaw in it might be exploited to read or
write to this directory.

If you need more fine-grained access control for web
applications, take a look at the SELinux ACLs.

SELinux ACLs might be overkill for this. Standard ext2/ext3 or xfs ACLs
would probably do the trick. He could even set something up to monitor
the directory tree for new files or directories and then have it update
the ACLs.

Regards,

-Roberto

What about the issue with Samba, I will google the above, I did however try adding the group www-data to the folder group but didn't restart, i'm assuming since you've said this that a restart of the apache2 server is required for the changes to take affect?


--
To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx with a subject of "unsubscribe". Trouble? Contact listmaster@xxxxxxxxxxxxxxxx

---

• Follow-Ups:
  • Re: Permission Help(deny others, allow group & Apache+Samba)
    • From: George Borisov

• References:
  • Permission Help(deny others, allow group & Apache+Samba)
    • From: Anthony Hawkes
  • Re: Permission Help(deny others, allow group & Apache+Samba)
    • From: Jon Dowland
  • Re: Permission Help(deny others, allow group & Apache+Samba)
    • From: Roberto C. Sanchez

• Prev by Date: Re: how can run linux (kernel and gui from ram)
• Next by Date: Re: how to prevent the creation of hardware icons on desktop on boot
• Previous by thread: Re: Permission Help(deny others, allow group & Apache+Samba)
• Next by thread: Re: Permission Help(deny others, allow group & Apache+Samba)
• Index(es):
  • Date
  • Thread

---

Relevant Pages Re: X-server restart console command ... I've seen that in Google. ... I use KDE; ... that it is not running - nothing to restart. ... To UNSUBSCRIBE, email to debian-user-REQUEST@xxxxxxxxxxxxxxxx ... (Debian-User) Re: Need some help with a computer I just built. First time at this. ... > I went to restart the computer and it takes me to a screen with ... next it tells me NTLDR is missing press CTRL+Alt+Del to ... Does anyone know what "NTLDR" is that apparently is missing? ... Google is your friend, but if you ... (alt.comp.hardware.pc-homebuilt) Re: Unable to surf the Internet ... "blahyy" wrote: ... The only time that I can open any web page is when I restart my PC. ... At the same time I can visit Google at anytime. ... (microsoft.public.windowsxp.help_and_support) Re: SMBFS - Usernames with @ ... At my university I have to use the -U parameter to access the server, ... SMBFS - Usernames with @ ... > I looked around google for abit, but it doesn't seem to even use symbols ... To unsubscribe, ... (freebsd-questions) Re: [opensuse] Open-source leader leaving Novell for Google ... Open-source leader leaving Novell for Google ... To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx ... For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx ... (SuSE)

---

• Security
• UNIX
• Linux
• Coding
• Usenet

• Mailing-Lists
• Newsgroups
• About
• Privacy
• Search
• Imprint

linux.derkeiler.com  > Mailing-Lists  > Debian  > 2006-08