On Fri, Aug 7, 2009 at 5:18 AM, PlatonidesPlatonides@gmail.com wrote:
only by /root/?
Well, or otherwise not readable by the web server, like 640 root:admins. You're right that there's no reason to run a PHP script as root if you only need root DB access, of course.
Maintenance scripts shouldn't be run as root. OTOH that would be a good method if you used a specific account eg. 'WikiAdmin'. Still, you might get funny permissions when running scripts that deal with files.
Well, when I run maintenance scripts I usually don't bother sudoing to www-data anyway, personally. Practically none of the scripts touch files.