apache permissions

eriddle at linuxcare.com eriddle at linuxcare.com
Mon Jan 29 13:14:52 PST 2001


Quoting Lukas Mol on Sun, Jan 28, 2001 at 08:36:15PM +0100 :
> Ok, so I've set up mysql, apache and php4. It all works as far as I can see
> right now. Two questions though:
> 
> 1. Apache has set owner and group id to 1079 for quite some files. Anybody
> knows which user/group combo is normally used/intended?

This sounds like leftovers from a separate Apache install where 1079
was the uid and gid assigned by the previous install.  I suspect a
Debian or redhat config file is being used and that user is not on
your lfs since you did not create it.  In your httpd.conf, you can
assign the user and group as you wish.  Some people use nobody/nobody
and others use webuser/webgroup which gives a little more security
against someone hacking user nobody and getting some control over
your apache stuff, and also makes reading log entries a little easier.

> 2. I use phpMyAdmin to interface with mysql through my browser. To do so
> I've to insert username and password in clear text in a configfile
> (config.inc.php). This configfile is read by...php/apache? If I disable
> world read permissions I break it. Any advice on a proper setup here?

I don't know anything about this.  But, if phpMyAdmin is the program that
reads the config.inc.php, make sure the permissions match.  If it is
apache that reads the config, make the permissions match that.
In short, if you change the ownership of the config file to match
that which is reading it, you can get rid of the world readable situation.

Cheers,
Ed

-- 
Ed Riddle, Linuxcare, Inc.
Office: 415.354.4229, FAX 415.701.7457
ed at linuxcare.com, http://www.linuxcare.com/
Linuxcare. Putting open source to work.

-- 
Unsubscribe: send email to lfs-apps-request at linuxfromscratch.org
and put unsubscribe in the subject header of the message




More information about the blfs-support mailing list