On Sat, Jan 13, 2007 at 04:56:39PM -0600, Christopher D. Clausen wrote: > Davor Ocelic <[EMAIL PROTECTED]> wrote: > > On Fri, Jan 12, 2007 at 08:39:45AM -0800, Adam Chlipala wrote: > >> Michael Olson wrote: > >> > * apache2/mods-available/userdir.conf: Set AllowOverride to none in > >> > users' public_html, as per old config. > >> > >> We may even want to only enable userdirs on mire, to keep all member > >> web serving in one place. Any thoughts on this? > > > > This would be good. > > I'd like to to be able to restrict certain portions of ~cclausen to > specific people and/or IP addresses. I don't think allowing > "AuthConfig" overrides would be a terrible security issue. If someone > can think of such an instance, please let us know. > > Also, can I suggest simply getting rid of the public_html and setting > the web space directly at ~/ ? This makes a lot more sense with AFS and > its what MIT does. That way users can use a "Public" and "Private" > folder from there and don't have to keep a seperate web-specific > directory.
Interesting. One problem I see with this is that our members who use ~public_html/ do it because they want to serve the website to visitors, not the contents of their home directory. Another issue is, knowing that the contents of your home dir are "shared", you would have to put anything you want to save in Private/, which is another level down the tree. And there's a potential issue of different .rc files with improper permissions being open to the world for reading. I would like your idea better, but I don't think it is practical, given the established patterns of usage of homedirs on HCoop. What do you folks think? -doc _______________________________________________ HCoop-SysAdmin mailing list [email protected] http://hcoop.net/cgi-bin/mailman/listinfo/hcoop-sysadmin
