On Wed, Mar 12, 2008 at 02:12:46PM +0000, MJ Ray wrote:
Chris G cl@isbd.net wrote:
Would running apache as myself cause any serious security or other issues? (apache 2.2 on Fedora 8 if it's of any significance) [...]
An exploit of apache could wipe out your files. Seems serious to me if the apache is world-visible.
Yes, true, I've decided to avoid it if I can.
Alternatively can anyone suggest a scriptable way of allowing myself to become user apache so that I can create files, do fuse mounts, etc. as apache?
sudo, or careful use of group ownerships (chgrp) and permissions (chmod g+rx). Alternatively, consider using suexec or mod_ruid to apache run *some* tasks as your user.
The issue is with an encfs/fuse mounted directory, by default (regardless of permissions) only the user who mounts the file system can see the files. Even root can't see the files or manipulate them.
I have a workable solution using the allow_other option to fuse which allows others to read fuse mounted files by default, I can then set the 'normal' permissions to restrict access as required.