2

I am trying to get my apache server (OS X Lion, not server edition) to run, using a folder inside Dropbox as DocumentRoot. This works fine, as long as I run apache as admin, meaning: with admin permissions. I am sometimes logging into hotspots, so before I do that again I'd like to know if I'm endangering myself; the only things running on the server are files I created. And 2nd: How can I get apache running with dropbox with no admin account? I tried to chmod 755 the Documents folder inside Dropbox, but it had no effect on apache – though I could see that it had changed permissions when I looked in the Finder.

To clarify:

My Document Root = .../myuser/Dropbox/.../htdocs

Works with apaches httpd.conf having these ernties:

User [some admin]

Group admin

What permissions to I have to apply to htdocs to get apache running as _www:_www?

Community
  • 1
user552439
  • 21
  • 2
  • Ok, here's the deal: sudo chown _www:_www /path/to/directory This makes the apache user (_www) and the web-group, equally named, the directories owner and disables Dropbox or yourself from accessing it using the finder, but: navigate to the folder, right click on it -> Information -> on the bottom open the lock. Click the + left beneath the list of users, add yourself and make sure you grant yourself the need rights. Click the "gear" and apply to all subdirectories. But the question still remains: is running apache as amdmin dangerous? – user552439 Jan 03 '12 at 23:08

1 Answers1

2

Apache is designed to be run as regular user. In production environments it's normal to chroot software that can't do this.

If you do this only for your own machine, for private use, you're good. In production it's definitely not a good idea.

As for permissions:

try

sudo chown -R _www:_www /path/to/dir
sudo chmod -R 755 /path/to/dir

(or, if the OSX chmod supports non-octal modes, use this: sudo chmod -R u+rwX,g+rX,o+rX /path/to/dir)

Your user will be able to only read the files, he won't be able to delete them though.

Add yourself to _www group (under linux it's gpasswd -a user-name _www, don't know if it'll work with OSX) and change permissions:

sudo chmod -R 775 /path/to/dir

But you may need to adjust the umask for apache to 002 to keep those files this way.

Hubert Kario
  • 6,361
  • 6
  • 36
  • 65