[PLUG] What permits apache to write files?

Keith Lofstrom keithl at kl-ic.com
Wed Nov 18 06:10:44 UTC 2009


I probably have my apache server set up somewhat incorrectly for
one of my oldest websites.  I run a lot of wikis on many websites,
and the wikis permit apache cgi clients to rewrite apache owned
wiki content under some circumstances.

What is scary is that a couple of my static html files, allegedly 
unrelated to the wiki, were also rewritten by spammers, no doubt
via some of the older wikis (using Kwiki, rather than the newer
and more secure MoinMoin).  Those static files were incorrectly
owned by apache, but still ...

I just set all the static files to ownership root.  I will learn
more about tightening down the restrictions for Kwiki write access
(and eventually migrate all the content to Moin).

But in the interim (without sharing my httpd.conf stuff with all
and sundry)  are there other ways (besides incorrectly configured
wikis) that apache can rewrite static content that incompetents
like myself should be aware of?

Are there any issues with setting static content to root ownership
(or perhaps to user "foo" ownership), read only, as long as
apache can still read it?

Keith

-- 
Keith Lofstrom          keithl at keithl.com         Voice (503)-520-1993
KLIC --- Keith Lofstrom Integrated Circuits --- "Your Ideas in Silicon"
Design Contracting in Bipolar and CMOS - Analog, Digital, and Scan ICs
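
The ownership question in the post can be checked mechanically. This added example, which is not part of the original post, walks a document root and lists every file and directory that a given account can modify, judging by plain Unix owner/group/other mode bits only (no ACLs); the function names and command-line arguments are assumptions of the example.

```python
#!/usr/bin/env python3
"""List everything under a document root that a given account can modify."""
import grp
import os
import pwd
import stat
import sys


def write_access(st, uid, gids):
    """Return why the account (uid, gids) can modify this inode, or None."""
    if st.st_uid == uid:
        # The owner can always chmod the file back to writable, so ownership
        # alone is a finding even when the mode is read-only.
        return "owner"
    if st.st_gid in gids:
        return "group-writable" if st.st_mode & stat.S_IWGRP else None
    return "world-writable" if st.st_mode & stat.S_IWOTH else None


def audit(docroot, uid, gids):
    """Walk docroot and return sorted (path, kind, reason) findings."""
    findings = []
    for dirpath, _dirnames, filenames in os.walk(docroot):
        for name in [""] + filenames:
            path = os.path.join(dirpath, name) if name else dirpath
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # a symlink's own mode is not what is enforced
            reason = write_access(st, uid, gids)
            if reason:
                # A writable directory lets the account delete or replace the
                # files inside it (unless the sticky bit is set), even files
                # owned by root and marked read-only.
                kind = "dir" if stat.S_ISDIR(st.st_mode) else "file"
                findings.append((path, kind, reason))
    return sorted(findings)


if __name__ == "__main__":
    # Usage: audit.py DOCROOT ACCOUNT  (ACCOUNT = the user the web server runs as)
    root, account = sys.argv[1], sys.argv[2]
    pw = pwd.getpwnam(account)
    gids = {pw.pw_gid} | {g.gr_gid for g in grp.getgrall() if account in g.gr_mem}
    for path, kind, reason in audit(root, pw.pw_uid, gids):
        print(f"{kind}\t{reason}\t{path}")
```

An empty report for the web server account means static content can only be changed through some other account or through a process running with more privilege than the server.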


