Re: apache question

To: debian-user@lists.debian.org
Subject: Re: apache question
From: Ethan Benson <erbenson@alaska.net>
Date: Sun, 28 May 2000 01:24:57 -0800
Message-id: <[🔎] 20000528012457.H29071@plato.local.lan>
In-reply-to: <[🔎] 20000527185158.B21169@midco.net>; from nnorman@midco.net on Sat, May 27, 2000 at 06:51:58PM -0500
References: <[🔎] 813C64B2C7E6D311A85600500450F99C16A70B@EXCHANGE> <[🔎] 20000522011243.A7243@plato.local.lan> <[🔎] 868zwy802z.fsf@kronstadt.speakeasy.org> <[🔎] 20000525200710.O29071@plato.local.lan> <[🔎] 20000527185158.B21169@midco.net>

On Sat, May 27, 2000 at 06:51:58PM -0500, Nathan E Norman wrote:
> On Thu, May 25, 2000 at 08:07:10PM -0800, Ethan Benson wrote:
> [ snip ]
> > all keeping the logs owned by the unpriviledged user seems to buy you
> > is a security hole.
> 
> That's why on new debian installations the log are owned by root.root.
> However, if the logs were already owned by www-data.www-data they
> won't be changed.

until 6:25 when cron fires off /etc/cron.daily/apache which chowns
them to www-data.www-data mode 0664

i just installed fresh apache package from potato.  i do see that
/var/www is now owned by root.root instead of the evil
www-data.www-data  that is a big improvment, but the cron job is
broken IMO.

-- 
Ethan Benson
http://www.alaska.net/~erbenson/

Attachment: pgpICU575FUWM.pgp
Description: PGP signature

Reply to:

References:
- apache question
  - From: Dominic Blythe <Dominic.Blythe@BCPSoftware.com>
- Re: apache question
  - From: Ethan Benson <erbenson@alaska.net>
- Re: apache question
  - From: Ian Zimmerman <itz@speakeasy.org>
- Re: apache question
  - From: Ethan Benson <erbenson@alaska.net>
- Re: apache question
  - From: Nathan E Norman <nnorman@midco.net>

Prev by Date: Re: dumbass wm question
Next by Date: Re: apt
Previous by thread: Re: apache question
Next by thread: Re: ppp connection failure - re-post
Index(es):
- Date
- Thread