Re: apache, public_html, and security

On Thu, 24 Jul 1997 [EMAIL PROTECTED] wrote: Sure, but what's the problem ? Maybe I misunderstood the original question. I think he wants to keep the users homedir and subdirs other than public_html secret. And public_html readable and browsable by all/the webserver.

Re: apache, public_html, and security

Paul == Paul Miller [EMAIL PROTECTED] writes: Paul is there a way I can prevent users from looking at other user's Paul dirs and still have the public_html function of apache (v1.2.1)? Not trivially. The http server process runs as user www-data (for apache, boa runs as user nobody). In

Re: apache, public_html, and security

On 23 Jul, Paul Miller wrote: is there a way I can prevent users from looking at other user's dirs and still have the public_html function of apache (v1.2.1)? I think you can do this: If you have: drwxrwxr-x 6 elmarelmar1024 Jun 23 00:48 elmar (this is the homedir of user

Re: apache, public_html, and security

[EMAIL PROTECTED] writes: Make sure, that the permissions on the public_html are set to o+rx : drwxrwxr-x 2 elmarmartinb 1024 Jun 23 00:54 public_html You only need to set o+x for public_html with apache 1.2.1 ingo -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the

Re: apache, public_html, and security

Hi, Even if the users home directory is o-rw, and the public_html directory is o+rx, any other user can still read the files in the public_html directory. (try it) manoj -- The greatest warriors are the ones who fight for peace. Holly Near Manoj Srivastava

Re: apache, public_html, and security

On 24 Jul 1997, Manoj Srivastava wrote: Hi, Even if the users home directory is o-rw, and the public_html directory is o+rx, any other user can still read the files in the public_html directory. (try it) manoj Ok this is how i have things setup.. No one can see in my

Re: apache, public_html, and security

On 24 Jul, Pure Energy wrote: Having thing set with these perms keeps local users from looking at your things yes but keep in mind that a local user can look at your url, know fairly well that there is an index.html, index.htm or index.shtml there. even with these permissions they can

apache, public_html, and security

is there a way I can prevent users from looking at other user's dirs and still have the public_html function of apache (v1.2.1)? Paul -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word unsubscribe to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .