On Mon, 18 Jun 2001, Thomas Eibner wrote: > As I understood the first post he doesn't actually have users on the > system (proftpd users in sql?) so that wouldn't work. What I would > do is probably run the webserver as nobody/nogroup and make sure that > nothing is writable by that user/group. s/nobody nogroup/httpd httpd/ (or similar). nobody is NOT designed to be used as a generic user. lots of other programs use it (incorrectly). IIRC, it was created to be used for NFS, and NFS only.. you are much safer using a user for the webserver itself. > If on the other hand he has actual users on the system I would go for > suexec that comes with Apache. but of course. :) -- Nate Carlson <natecars at real-time.com> | Phone : (952)943-8700 http://www.real-time.com | Fax : (952)943-8500