[TriLUG] apache2 security question

Blackburn, Marvin mblackburn at glenraven.com
Tue Aug 21 09:50:57 EDT 2007


We need to run apache2 as root; however, we dont want to give our web
developer root access to modify the apache2 files as that, at one time, was
risky.
We started doing this quite some time ago; however, I'm not sure that we
need to continue doing this.  Is there any risk to giving the webadmin write
permissions to the httpd.conf file and allowing hiim to start and stop the
system with apachectl as long as root owns all the other files?
 
most of our systems are rhel 3.0 and above and we use apache2 instead of teh
httpd that comes with the system.
 
 


_____________________________________
"He's no failure. He's not dead yet."
William Lloyd George

  

 
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3921 bytes
Desc: not available
URL: <http://www.trilug.org/pipermail/trilug/attachments/20070821/90278910/attachment.bin>


More information about the TriLUG mailing list