On Friday 22 March 2002 01:39, Erik Price wrote:
> On Thursday, March 21, 2002, at 12:22  PM, Jason Wong wrote:
> > On Friday 22 March 2002 00:54, Erik Price wrote:
> >> Isn't it just a matter of setting the permissions?  apache can't have
> >> read access to this directory, that's all.
> >
> > No, he doesn't want apache to *list* files in that directory but still
> > to be
> > able to serve files *from* that directory.
> I'm not trying to argue, I just want to make sure that *I* understand
> how Apache works -- I thought that if you deny "read" access to a
> directory to Apache, then it won't list the files, but as long as Apache
> still has "execute" access to the directory then it should still serve
> files from it.  Just like using "ls" in the shell, you can read files in
> a directory you cannot read, as long as you can execute the directory
> and know the exact filename.

I don't know what ramifications it will have by denying apache read access to 
a directory. But what the poster asked for is a standard apache directive so 
the prudent approach would be to set this from within apache and not through 
the OS.

> Am I wrong?

I really don't know. Try it and tell us ;-)

Jason Wong -> Gremlins Associates -> www.gremlins.com.hk

The future isn't what it used to be.  (It never was.)

PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php

Reply via email to