Anton Piatek wrote:

Set the dir to be owned by group "httpd", and make sure that the group can read the files.


chgrp httpd files
chmod 750 files

So long as apache/httpd is run as userid "httpd" it can read the files, other users can't!

One more thing that you must consider is that your users can probably run PHP as well. That means that they can do something like:


<?php
        system("tar cf servers-code.tar /var/www/html/private-php");
?>

If you want to prevent abuse by users, you have to disable their ability to run PHP as well.

If you're on RHL 8 or 9, edit /etc/httpd/conf.d/php, and put a "Directory" limit around the "Files" section:

<Directory /var/www>
  <Files *.php>
    SetOutputFilter PHP
    SetInputFilter PHP
    LimitRequestBody 524288
  </Files>
</Directory>

You might want to duplicate that for /usr/share, so that applications like Squirrelmail will work.
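
A check for the scoping change described in the message above, as an added example that is not part of the original post: it lists any `<Files ...php>` section in an Apache config file that is not nested inside a `<Directory>` block. The function name and both sample configs are constructed for illustration, and the unscoped "before" layout is an assumption about what the file looks like prior to the edit.

```shell
#!/bin/sh
# Added example: report "<Files ...php>" sections that sit outside any
# <Directory> block, meaning PHP handling applies to every served path.
# Only <Directory>/<DirectoryMatch> nesting is tracked; other containers
# and other ways of mapping PHP are out of scope for this check.
unscoped_php_files() {
    # $1: path to the Apache config file to inspect
    awk '
        { line = tolower($0) }
        line ~ /^[ \t]*#/ { next }                       # skip comments
        line ~ /^[ \t]*<directory(match)?[ \t]/ { depth++; next }
        line ~ /^[ \t]*<\/directory(match)?>/ { if (depth > 0) depth--; next }
        line ~ /^[ \t]*<files(match)?[ \t].*php/ && depth == 0 {
            printf "%d: %s\n", NR, $0                    # line number + text
        }
    ' "$1"
}

# Constructed sample input: an unscoped section (assumed "before" state)
# and the scoped form given in the post.
demo() {
    tmp=$(mktemp -d) || return 1
    cat > "$tmp/before.conf" <<'EOF'
<Files *.php>
  SetOutputFilter PHP
  SetInputFilter PHP
  LimitRequestBody 524288
</Files>
EOF
    cat > "$tmp/after.conf" <<'EOF'
<Directory /var/www>
  <Files *.php>
    SetOutputFilter PHP
    SetInputFilter PHP
    LimitRequestBody 524288
  </Files>
</Directory>
EOF
    echo "before.conf, unscoped PHP sections:"
    unscoped_php_files "$tmp/before.conf"
    echo "after.conf, unscoped PHP sections:"
    unscoped_php_files "$tmp/after.conf"
    rm -rf "$tmp"
}

demo
```

Empty output for a file means every PHP `Files` section in it is confined to some directory; the check does not judge whether that directory is one users can write to.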

