Bug 714490 - wrong permissions for logdir
Summary: wrong permissions for logdir
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Fedora
Classification: Fedora
Component: httpd
Version: 15
Hardware: Unspecified
OS: Unspecified
unspecified
unspecified
Target Milestone: ---
Assignee: Joe Orton
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2011-06-19 15:52 UTC by Harald Reindl
Modified: 2011-07-20 11:27 UTC (History)
2 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2011-07-20 10:56:55 UTC
Type: ---

Attachments (Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Description Harald Reindl 2011-06-19 15:52:53 UTC 
please can anybody fix this permissions in the Fedora-SPEC so httpd can create logfiles not only by the root-owned master-process?

current:
%attr(0700,root,root) %dir %{_localstatedir}/log/httpd

fixed:
%attr(0700,apache,root) %dir %{_localstatedir}/log/httpd
Comment 1 Joe Orton 2011-07-20 10:56:55 UTC 
No, that is a security feature, the "apache" user should have the minimum possible privileges.
Comment 2 Harald Reindl 2011-07-20 11:27:19 UTC 
it is a valid usecase that web-applications are using logfiles for several things and this time they do not run as root, for me /var/log/httpd/ is the correct folder for anything logging httpd-related things
Note You need to log in before you can comment on or make changes to this bug.