Apache confusion
Gerald Combs
gerald at ethereal.com
Thu Jun 20 03:04:38 CDT 2002
Try setting only the execute bit, e.g. 'chmod o-rw /home'. For a
directory, the execute bit lets you traverse that part of the path. The
read bit lets you list its contents. If the permissions on /home are set
to 751 (rwxr-x--x) for instance, Apache should still be able to find
/home/USER/www while keeping /home (mostly) secure.
On a related note, does anyone know why file-level ACLs aren't a standard
part of Linux? VMS had them when dirt was new. Solaris and other Unixen
have had them for nearly as long. A quick Google search shows what appear
to be several ACL projects in various stages of activity.
On Wed, 19 Jun 2002, Jonathan Hutchins wrote:
> Ok, this doesn't make sense. If I make /home world readable, anybody can CD
> to anybody else's home directory. That ain't right. If I don't, Apache
> can't see the user files, but users are supposed to put their files in
> /home/USER/www. Huh?
>
>
>
More information about the Kclug
mailing list