07-04-2007
Mario Guenterberg

Re: [PHP] Re: php security books

On Wed, Jul 04, 2007 at 11:36:06AM -0700, bruce wrote:
> andrew...
>
> are you sure about this... i would have thought that if you have an apache
> user 'apache' and allow php to be run as/by 'apache' then this would provide
> complete access to anything php needs to do as 'apache'.
>
> this should definitely work if you allow the 'group' for the apache err log
> files be accessed by this user...
>
> so.. i ask again.. are you sure about this..
>


Hi all...

The only owner with write permissions on the logs is root! I mean
the standard configuration for the Apache webserver. Read
permissions for groups for the Apache logs can be different per distribution.
You can configure your environment for the PHP processes to log to separate
files.
If you allow write access for the 'group', you open the door
wide for hackers.

greetings
Mario

--
-----------------------------------------------------
| havelsoft.com - Your service partner for open source |
| Tel: 033876-21 966 |
| Emergency line: 0173-277 33 60 |
| http://www.havelsoft.com |
| |
| Owner: Mario Günterberg |
| Mützlitzer Strasse 19 |
| 14715 Märkisch Luch |
-----------------------------------------------------
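A check for the condition described in the post above, as an added example that is not part of the original message: it lists anything under a log directory that is group-writable, world-writable, or not owned by the expected account. The function names are hypothetical, the default owner `root` follows the post, the world-writable and directory checks go beyond it, and the path in the usage comment is an assumption.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# audit_log_perms DIR [OWNER]
# Prints "<reason> <path>" for every file or directory under DIR that is
# group-writable, world-writable, or not owned by OWNER (default: root).
# Returns 0 if nothing is flagged, 1 if something is, 2 if DIR is unusable.
audit_log_perms() {
    dir=$1
    owner=${2:-root}
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    findings=$(
        find "$dir" \( -type f -o -type d \) -perm -020 |
            sed 's/^/group-writable /'
        find "$dir" \( -type f -o -type d \) -perm -002 |
            sed 's/^/world-writable /'
        find "$dir" \( -type f -o -type d \) ! -user "$owner" |
            sed "s/^/not-owned-by-$owner /"
    )
    if [ -z "$findings" ]; then
        return 0
    fi
    printf '%s\n' "$findings"
    return 1
}

# Constructed sample tree: one log with owner-only write access and one
# separate PHP log that has been made group-writable.
make_sample_logs() {
    d=$(mktemp -d) || return 1
    chmod 755 "$d"
    : > "$d/error_log"
    chmod 644 "$d/error_log"
    : > "$d/php_error.log"
    chmod 664 "$d/php_error.log"
    echo "$d"
}

# Usage on a real host (path is an assumption, it varies per distribution):
#   audit_log_perms /var/log/apache2 root
```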