9 Jan
2012
9 Jan
'12
5:15 p.m.
On 09-Jan-12 16:32, Dick Hoogendijk wrote:
If I install the FreeBSD port of drupal all my files are owned by the user the webserver is running under (www). This way Drupal is very capable of updating/installing new core and/or modules.
My question is: is it save(!) to have the files owned by the user under which your Apache server executes?
You probably mean "safe"? Personally, the first thing I do after downloading and unpacking new module is $ sudo chown -R root:root <dir> Of course, you'd need shell account, and even root-password.
I do not give users higher access-rights than what they really need. And web-server does not need to be owner of these files (now talking about core and modules)...
Jarry
--
_______________________________________________________________
This mailbox accepts e-mails only from selected mailing-lists!
Everything else is considered to be spam and therefore deleted.