user permission

Erek Dyskant erek at blumenthals.com
Sun Jul 13 22:12:58 MSD 2008


On Sun, 2008-07-13 at 19:43 +0200, Thomas wrote:
> Personally I created a dedicated user for running nginx and my
> applications. This enables me to log into my server through that user
> and do manual tweaking without messing around with permissions and
> root access.

I have the application files owned by one unprivileged user, and the web
server runs as a different unprivileged user.  Login is disabled for the
web server user.

This way, the web server can't alter the application, and a user logging
into the system to edit the site need not be root.

If you have multiple people allowed to edit the live files, consider a
subversion repository, or failing that, a webmasters group, where all
the application files are g+w and owned by webmasters.

Regards,
Erek Dyskant






More information about the nginx mailing list