On Thu, Apr 29, 2004 at 02:50:19AM +0200, Graham Leggett wrote: > Hi all, > > I am busy researching the idea of an Apache + DAV server that would do > the job of what a typical Samba server does now - file sharing. An > Apache server would have the advantage of native SSL support, flexible > authentication configuration, etc.
Note that Apple's iDisk is simply Apache/mod_dav, so the idea certainly isn't far-fetched :-) > One thing I would like to be able to do is have the DAV server read and > write files as system users, along the lines of what suexec achieves for > cgi programs. Obviously the DAV server would need to run as root (or > have some mechanism like suexec) in order to achieve this, and would > probably be set up as a private stripped down DAV-only server hiding > behind a reverse proxy of some kind in order to improve security. Eesh. This has tended to come up w.r.t mod_dav for over five years now. My point of view is best summarized in this email: http://mailman.lyra.org/pipermail/dav-dev/2000-November/001746.html I really don't recommend it. Why do you need to have different owners for the files? Are people going to be logging onto the box and need to interact with the files locally? That has a number of other problems (such as staying in sync with mod_dav w.r.t locking and properties and atomicity of requests, etc). My POV has been (for a LONG while now): the DAV repository is private to the web server and the mod_dav module. Don't let local users near it. Cheers, -g -- Greg Stein, http://www.lyra.org/
