[LON-CAPA-dev] www owned files
Guy Albertelli II
lon-capa-dev@mail.lon-capa.org
Tue, 8 Oct 2002 15:29:41 -0400 (EDT)
Hi Martin,
I agree with the rest, but I disagree with the ones below.
Let me know where I am wrong.
>
> /home/httpd/html (particularly the adm, res directories)
> same thing as cgi-bin. scary. solution: chown to root. objections?
> the res directory probably should be owned by some group that creates
> resources, i.e., neither root nor www.
But the webserver does the creation/maintenace of these files?
> /home/httpd/lonIDs
> probably must be owned by www. correct?
Yep.
> /home/httpd/lonUsers
> seems to be the heart of lon-capa. must be owned by www. correct?
All user data is stored here, read/written to by lond, if we wanted to
seperate the webserver form lond we could modify this ownership.
(Of course rectly we started storing files in here to that the
webserver reads/writes, in a subdirectory under the user account)
> /home/httpd/perl/{logs,tmp}
> both probably must be owned by www
Web server writes into most of these as do lonc/lond
> /home/httpd/{sockets,prtspool}
> these probably need to be owned by www.
Yep. And lond/c write here
> /home/<username>/public_html
> why are these owned by www? They shouldn't, correct?
Depends.
If the user is Unix authenticated then nope, should be owned by the
user.
If the user is internally or kerberos or localauth authentication then
yes since the webserver will be creating/modifying all of these files.
--
guy@albertelli.com BM: n^20 t20 z20 qS
Guy Albertelli -7-7-9- O-
Well I best be going . . . crack don't smoke itself you know
-C.Chambers