[support] updating a drupal site
Mukesh Agarwal
mukesh.agarwal17 at gmail.com
Mon Jan 9 17:28:57 UTC 2012
http://drupal.org/node/244924 -- is a very helpful resource for securing
file permissions.
On Mon, Jan 9, 2012 at 10:45 PM, Jarry <mr.jarry at gmail.com> wrote:
> On 09-Jan-12 16:32, Dick Hoogendijk wrote:
> > If I install the FreeBSD port of drupal all my files are owned by the
> > user the webserver is running under (www). This way Drupal is very
> > capable of updating/installing new core and/or modules.
> >
> > My question is: is it save(!) to have the files owned by the user under
> > which your Apache server executes?
>
> You probably mean "safe"? Personally, the first thing I do
> after downloading and unpacking new module is
> $ sudo chown -R root:root <dir>
> Of course, you'd need shell account, and even root-password.
>
> I do not give users higher access-rights than what they really
> need. And web-server does not need to be owner of these files
> (now talking about core and modules)...
>
> Jarry
> --
> _______________________________________________________________
> This mailbox accepts e-mails only from selected mailing-lists!
> Everything else is considered to be spam and therefore deleted.
> --
> [ Drupal support list | http://lists.drupal.org/ ]
>
--
Cheers,
Mukesh Agarwal
________________________________
Innoraft Solutions <http://www.innoraft.com> || +91 8017220799
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.drupal.org/pipermail/support/attachments/20120109/06b6edd2/attachment.html
More information about the support
mailing list