You probably mean "safe"? Personally, the first thing I doOn 09-Jan-12 16:32, Dick Hoogendijk wrote:
> If I install the FreeBSD port of drupal all my files are owned by the
> user the webserver is running under (www). This way Drupal is very
> capable of updating/installing new core and/or modules.
>
> My question is: is it save(!) to have the files owned by the user under
> which your Apache server executes?
after downloading and unpacking new module is
$ sudo chown -R root:root <dir>
Of course, you'd need shell account, and even root-password.
I do not give users higher access-rights than what they really
need. And web-server does not need to be owner of these files
(now talking about core and modules)...
Jarry
--
_______________________________________________________________
This mailbox accepts e-mails only from selected mailing-lists!
Everything else is considered to be spam and therefore deleted.
--
[ Drupal support list | http://lists.drupal.org/ ]