Mailinglist Archive: opensuse-security (138 mails)

< Previous Next >
Re: [suse-security] Ownership of Directories/Files under /srv/www/htdocs
  • From: Christian Boltz <suse-security@xxxxxxxxx>
  • Date: Sat, 17 Dec 2005 22:04:44 +0100
  • Message-id: <200512172204.45126@xxxxxxxxxxxxxxx>

Am Samstag, 17. Dezember 2005 20:46 schrieb Lucky Leavell:
> OS: SuSE 10.0 Pro
> I recently installed PostfixAdmin 3.1 doing the install as root and
> changed file permissions to 640 per the instructions. However, I
> cannot access it unless I make the files world readable (644).
> Question: What owner:group should applications be installed as under
> /srv/www/htdocs? I currently have phpMyAdmin and PostfixAdmin.

Apache usually runs as user "wwwrun", group "www".

Unless you have a really good reason, I would not recommend to "chown
wwwrun" the files - doing so will also give write permissions to these
files (which can be a possible security risk)

"chgrp www" (with perms 640/750 for directories) does what you ask for.

BTW: Is there a specific reason why you want those files not to be


Christian Boltz
Das wird mit TCPA alles vorbei sein. Nicht, dass Windows dann stabiler
läuft, aber auch die Abstürze sind zertifiziert.
[Matthias Houdek in linux-liste]

< Previous Next >
Follow Ups