On 1/30/06, Jon Moss [email protected] wrote:
I know I'm probably going to get slammed for being an idiot, but oh well . . .
I've finally got some help (volunteer) for the church webserver I host at home. It's an FC4 server with Apache 2.x installed. She's from the M$ world and asking me about ASP and DreamWeaver access, which I told her was a no go. Learn PHP! :)
Anyway, I created a webadmin account that I want to have full access to the /var/www/html folder tree. I added that account to the apache group, but that didn't work.
What is the proper process for accomplishing this? I don't want to give this person root access to the server.
Obviously! :)
How is she accessing the server? SSH/WinSCP? FTP? Also, how exactly didn't it work? Was her user account not able to touch a file in the directory?
If she's in the apache group, you'd need to put 775 perms on the directory. Although, I would probably create a separate group for web developers, rather than use apache. Some distributions use the apache group as the GID of the apache process, which could leave your website vulnerable incase someone was able to execute something as the apache UID/GID. Unless I'm way off base.
Jeremy