[clue-tech] DocumentRoot permissions
mikeb at wispertel.net
mikeb at wispertel.net
Mon May 30 11:33:45 MDT 2005
> [...]
>> One thing I'm curious about, security-wise. On Kubuntu, Debian too?,
>> the root web directory is /var/www owned by root:root whereas RedHat
>> and others put the root directory in /var/www/<somethingelse> usually
>> owned by apache:apache. Isn't root ownership of the web directory a
>> bad idea (TM)?
>
> Why would root ownership be a bad idea? Your confusing file ownership
> with process ownership, I think.
>
> Dave
>From my experience with Ubuntu out of the box install leaves too many root
access permissions on files that makes it a security risk as a server
operating system. Mepis is more of standard Debian install that locks
down the box and leaves the permission closer to what the Debian model of
security but, gives the user a easier install and access to testing
packages. Note Mepis has developed a server class release. I am not taking
away from Ubuntu but, ease of use can not be confused with a secure
system. Try Mepis and see what I mean about the permissions. Your other
option is to lock down your box by hand.
-mike
More information about the clue-tech
mailing list