Intro to Apache - ApacheCon Security - File permissions Most important consideration when setting file permissions is the User and Group directives. Should be set to some unpriveleged user Files should (almost) never be writable by this user. (See DAV section for the exception, and possible solution.) Config files, and executable files, should never be writable by anyone but root
Index Back to Hour 3 Forward to Security - CGI and suexec
ApacheCon : Intro to Apache - Slide #109 of 139