No executables in /tmp

Marc Christensen marc at mecworks.com
Mon Mar 27 16:53:32 MST 2006


Gregory Hill wrote:
> Might be wrong, but I think that would also mean you'd need to add 
> whatever user apache runs as (I think it's 'nobody' by default) to
> that group, or you won't be able to run perl-based websites.  That
> is, if you need that.
> 
> Greg

You could also make an apache user/group and run it as that then add
that the perl group to that user's list of groups.  There's no problem
with doing that (many distros have an 'apache' user/group) and you can
have that account just as restricted as the nobody account.  Then you
get finer-grained control over who can access the perl stuff and still
have the web server access it.  You'll need to change ownership of the
stuff that the apache process needs read and/or write access to and then
you should be set.

--
Marc Christensen
http://blog.mecworks.com



More information about the PLUG mailing list