|
Posted by Ray on 10/10/42 11:28
Hi Erwin,
Erwin Moller wrote:
> Here is more:
> http://www.searchengineworld.com/robots/robots_tutorial.htm
Thank you for finding it!
> It is actually a very simple straightforward system.
> But be aware that robots.txt only works when the spider is friendly and
> cares about your suggestions.
I see. Well, if the best I can do is add many small locks instead of
one big one, I can settle with that. Thanks for the warning!
> > I said this in my previous reply, but I guess my main problem is that I
> > don't understand www-data -- the account which runs the web server and
> > thus, creates these files.
> Well, www-data is just the name of a user.
> It is typically the name of a user that runs Apache.
> Remember that every process on *nix is owned by a user.
I see. Perhaps that is what confused me and why I did -------rw- in
the first place (which seems to have caused an uproar in this thread :)
). At first, I thought www-data was some special user...like root.
After playing around a bit and realizing that public web pages have to
have -------r--, I suspected that it is just a normal user.
So, my problem was that I wanted www-data to create files which I can
also read. If I own the files, one solution is to create a group and
add www-data and me to it...but I'm not the sysadmin and I cannot do a
groupadd. If www-data owns the files, then won't I have problems
reading it?
>From your previous post in August, you suggested creating files owned
by www-data within my directory. It feels strange to me, but perhaps I
don't understand how permissions cascade. Unix permissions is simple
enough: user, group, other/world...but when you put them within each
other is something that I still don't have a grasp of.
> True.
> You don't want normal users changing ownership of files, do you?
> ;-)
> That would make hacking/cracking too easy to give any satisfaction. :P
>
> So: chown is a command executed by root.
Well, before I tried, I thought I would get into the problem of giving
ownership to a file and later, not being able to get it back... But,
when I tried it, I was thinking I won't learn unless I do...I did and
it didn't let me. :)
> > Thanks! I'm going through it now and it looks long and detailed.
> > Thank you for the original posting...I'll make sure the extensive
> > typing you did is used at least one more time by me. :)
> Hehe, thanks.
> When that trick was first explained to me by a guy, I decided to share it at
> least 1 time with somebody else. I did twice now. ;-)
Well, I'll make sure to pass it on. A "good" chain mail! :)
mySQL is great, but not everyone is a sysadmin and sometimes, you have
to make do with what you have. And, I guess it is overkill for what
I'm doing.
> One last tip: Once you set up something you think is reasonable secure, try
> to break it yourself by using another account on the same machine, if that
> is possible. It is a good way of testing what the rwx means on directories
> and such, which is quite confusing the first time you use them (for me).
Well, on that machine, I'm not the sysadmin, so I don't have the
luxury. I am a sysadmin of my machine, but it's behind a firewall.
Nevertheless, I can install a web server and give it a try...the test
won't be as good as the actual test, but maybe good enough.
Thanks for your help!
Ray
Navigation:
[Reply to this message]
|