[svn.haxx.se] · SVN Dev · SVN Users · SVN Org · TSVN Dev · TSVN Users · Subclipse Dev · Subclipse Users · this month's index

Re: Security question for http

From: Brian Mathis <bmathis_at_directedge.com>
Date: 2004-07-22 19:22:14 CEST

Seth Falcon wrote:
> On Thu, Jul 22, 2004 at 06:00:22PM +0200, santanu.misra@reuters.com
> wrote:
>
>>But for http to work I have to do a chmod '666' in the 'db' directory
>>of the repository. I am running apache as 'nobody' and 'nogroup'. We
>>are running other process on the server so I would not like to run
>>apache as any other user(like svn)
>
>>Is it possible to do so ? I could not find any information on the
>>same.
>
> My understanding is that you should run Apache as the user that owns the
> repos. Note that you can run multiple Apache instances if you wish to
> isolate Apache+svn from general web serving Apache...
>
> + seth

Or, as a more helpful and conceptually inverted suggestion, the repos
should be owned by the same user that runs apache, in this case 'nobody'.

It's the same exact thing, except this slight difference does not mean a
whole new apache install on a different port with a whole host of other
issues. A simple 'chown -R' would suffice.

-- 
Brian Mathis
http://directedge.com/b/
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@subversion.tigris.org
For additional commands, e-mail: users-help@subversion.tigris.org
Received on Thu Jul 22 19:22:50 2004

This is an archived mail posted to the Subversion Users mailing list.