On Wed, Jun 29, 2016 at 08:15:35PM +0200, Johan Tärnklint wrote: > Seeking advice / security tips. > > Is it safe to create /var/www/htdocs/user1 and symlink to their home folder? > > Then set permissions to user1:www on /var/www/htdocs/user1 ? > > Does it break the chroot? Is it safe? Better solution?
It won't work. httpd in chroot cannot read files outside of /var/www, so it cannot access /home/user1. Allowing web access to the full home directory of a user is not a good idea anyway. There are configuration files in there, some of which may contain sensitive information. Users may make errors while configuring permissions for sensitive files, accidentally exposing private information. Instead, you could do it the other way around: Create a symlink in the user's home dir which points to the user's dir in /var/www: /home/user1/public_html -> /var/www/htdocs/user1 Now users can place files they want to expose to the web into ~/public_html and the web server will be able to read them.
