[clug] Apache running as its users
matt at mh.dropbear.id.au
Fri Nov 14 15:01:53 EST 2003
Michael James said:
> ie: a user uploads a file using samba or ftp
> and can then reference it on a web form.
> The results then exist as a text file in their home directory
> that they can perhaps manipulate in perl on the command line.
> Then they can be downloaded, again using the preferred method.
Why not let apache run as nobody, the file can exist in the FTP dropzone
(which doesn't have to be their home dir, but could be linked from it or
maybe a subdir of it - proftpd for example can make the the default (and
even a chrooted) dir. chgrp/chmod the file to something both the web
server and the user are able to write to.
Alternatively, you could look at using a proper content management system
like Zope +CMS/Plone.
More information about the linux