[Moin-devel] Permissions
Renat Lumpau
rl03 at gentoo.org
Mon Aug 30 10:48:17 EDT 2004
On Mon, Aug 30, 2004 at 12:44:14PM +0200, Thomas Waldmann wrote:
> >I am cleaning up the Gentoo ebuild for moinmoin, and I have a quick
> >question I hope you can help me with. What files does the httpd need
> >write access to? Right now I'm doing the equivalent of chown -R
> >apache:apache * , and I'd really like something cleaner.
>
> Additionally to what Florian already said, try to do it without giving
> world access to data/ - there are critical informations inside there
> like ACL protected pages and user accounts, so they shouldnt be readable
> to everybody on FS level.
Gentoo uses webapp-config [1][2] to install web applications. Files that the webserver needs write access to are processed by webapp_serverowned(), which installs them with user-specified permissions, and always writeable by the httpd (apache:apache in the most common case). Thus, our users can set permissions on data/ according to their needs.
Best,
[1] http://dev.gentoo.org/~rl03/webapp-config.html
[2] http://dev.gentoo.org/~rl03/webapp.eclass.html
--
Renat Lumpau
Gentoo developer
GPG key id #C6A838DA on http://pgp.mit.edu
Key fingerprint = 04AF B5EE 17CB 1000 DDA5 D3FC 1338 ADC2 C6A8 38DA
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <http://mail.python.org/pipermail/moin-devel/attachments/20040830/25d3c132/attachment.sig>
More information about the Moin-devel
mailing list