Am 20.10.2010 00:06, schrieb Josselin Mouette:
This could be done with the FollowSymLinks option, but my apache-fu is
not enough to know how it behaves when you enable write permissions in
this directory. Do you know whether this would make unwanted files
modifiable remotely?
In the upstream bug report [1] hadess told me:
Given that the httpd WebDav module ignores symlinks, even if we
wanted, we couldn't make it work without fixing mod_dav. See the bug
mentioned above.
And in the "bug mentioned above" [2] an apache dev explains the issue:
The traditional attitude to this type of issue has been that "the
DAV repository" includes content which can be managed by mod_dav,
and that does not include symlinks, so symlinks should not be
exposed in PROPFIND results. (nor sockets, named pipes, etc)
Simply saying "respect FollowSymlinks" is not really the whole
story; we'd still have to decide e.g. how to handle symlinks which
point outside the DAV repository, if turned off, for example.
Also note that SymlinksIfOwnersMatch is not a security feature.
So AFAIUI this cannot be done with the FollowSymLinks option as long
as apache's DAV module ignores symlinks itself. :(
- Fabian
[1] https://bugzilla.gnome.org/show_bug.cgi?id=326702
[2] https://issues.apache.org/bugzilla/show_bug.cgi?id=46521
--
To UNSUBSCRIBE, email to [email protected]
with a subject of "unsubscribe". Trouble? Contact [email protected]
