On Friday 22 March 2002 01:39, Erik Price wrote:
> On Thursday, March 21, 2002, at 12:22 PM, Jason Wong wrote:
> > On Friday 22 March 2002 00:54, Erik Price wrote:
> >> Isn't it just a matter of setting the permissions? apache can't have
> >> read access to this directory, that's all.
> > No, he doesn't want apache to *list* files in that directory but still
> > to be
> > able to serve files *from* that directory.
> I'm not trying to argue, I just want to make sure that *I* understand
> how Apache works -- I thought that if you deny "read" access to a
> directory to Apache, then it won't list the files, but as long as Apache
> still has "execute" access to the directory then it should still serve
> files from it. Just like using "ls" in the shell, you can read files in
> a directory you cannot read, as long as you can execute the directory
> and know the exact filename.
I don't know what ramifications it will have by denying apache read access to
a directory. But what the poster asked for is a standard apache directive so
the prudent approach would be to set this from within apache and not through
> Am I wrong?
I really don't know. Try it and tell us ;-)
Jason Wong -> Gremlins Associates -> www.gremlins.com.hk
The future isn't what it used to be. (It never was.)
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php