wiki and php file permissions

dave morton dmorton-VBJBm02B4Ag at public.gmane.org
Wed Oct 22 14:28:25 UTC 2003


I want to use pwp wiki to set up a website for family/friends to journal into.
I am not using any user authentication, so the site will be open to all.

To enable pwp wiki, the instructions are that "..php (>4.2) must be able to 
write.." to the local files.

I have changed the user and group ownerships to 'nobody' and 'nogroup' 
respectively for the
apache htdocs directory.
(php would not write when the default 'root' user and group ownerships
were in place on the htdocs directory).

The files have permissions of rw_rw_r__ .The wiki works great,
however I am concerned that this leaves the linux box susceptible to hackers.

Am I safe or not?

TIA

Dave

--
The Toronto Linux Users Group.      Meetings: http://tlug.ss.org
TLUG requests: Linux topics, No HTML, wrap text below 80 columns
How to UNSUBSCRIBE: http://tlug.ss.org/subscribe.shtml





More information about the Legacy mailing list