[NTLUG:Discuss] su?
Lance Simmons
lance at lsimmons.net
Thu Jul 12 19:22:25 CDT 2001
On Thu, Jul 12, 2001 at 06:29:33PM -0500, Aaron Goldblatt wrote:
>
> They don't need a password, as you describe, because the change in ownership
> is being done by a process running as root ... so no permissions need apply.
> THAT is the danger of running things as root, and why you should avoid doing
> so anywhere you can.
Let me give some more detail and see if that changes things:
there are a lot of people who use FrontPage on their Windows
desktops to create and edit files on the machine I'm asking
about. The files are all owned by www.
Adding the user in question to the www group doesn't work
(already tried it), because the web server will not serve a file
unless it is _owned_ by www.
I want this person to be able to use unix-based tools (bypassing
FrontPage to edit the files directly) to edit and maintain files
on that webserver, while still allowing lots of other people to
continue to use FrontPage. In order for him to do that, the
files, once edited, must be owned by www.
If I change the password for www, won't that mess up all the
people who are using FrontPage remotely to edit and save files?
I guess to answer this I'd need to know more about how FrontPage
extensions work on the webserver...
I'm just afraid that if I change the password for www, that will make
FrontPage no longer work for lots of people, since _they_ will
no longer be able (using FrontPage) to save files as www. I'm
starting to think the answer to my question turns on the details
of how FrontPage server extensions work. Does anyone know
off-hand?
Lance Simmons
More information about the Discuss
mailing list