On 24 Jul 1997, Manoj Srivastava wrote: > Hi, > > Even if the users home directory is o-rw, and the public_html > directory is o+rx, any other user can still read the files in the > public_html directory. (try it) > > manoj
Ok this is how i have things setup.. No one can see in my directory even others in the group staff (go-rw). The same thing for my ~/public_html dir and even my personal cgi_bin dir. Having thing set with these perms keeps local users from looking at your things yes but keep in mind that a local user can look at your url, know fairly well that there is an index.html, index.htm or index.shtml there. even with these permissions they can cd to your public_html dir and vi index.html (or index.htm index.shtml) and see other things you have. Or simply look at the code via the browser. :-) drwx--x--x 40 adren staff 3072 Jul 24 12:24 adren drwx--x--x 27 adren adren 2048 Jul 9 23:02 public_html drwx--x--x 3 adren adren 1024 May 23 23:34 cgi_bin Apache already knows where the dirs are so they don't need to be readable by group and others. Just keep in mind that while all this is fine nothing in the public_html dir can be kept secret if it is viewable via the web. -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .