w3hello.com logo
Home PHP C# C++ Android Java Javascript Python IOS SQL HTML videos Categories
apt-get installation of nginx leaves files owned by root

Since the files are owned by root, the nginx user (www-data) responsible for handling web traffic has no ability through a security hole or otherwise to allow write access to the www files. Therefore, its following the principle of least privilege.

Looking at it from the other side, if you changed the files to be owned by the nginx user (www-data), then it might be possible to exploit the nginx worker process to modify the files that it owns, in this case your www pages.





© Copyright 2018 w3hello.com Publishing Limited. All rights reserved.