Re: apache, public_html, and security

1997-07-25 Thread Pure Energy
On Thu, 24 Jul 1997 [EMAIL PROTECTED] wrote: > Sure, but what's the problem ? Maybe I misunderstood the original > question. I think he wants to keep the users homedir and subdirs other > than public_html secret. And public_html readable and browsable by > all/the webserver. >

Re: apache, public_html, and security

1997-07-24 Thread Martin . Bialasinski
On 24 Jul, Pure Energy wrote: > Having thing set with these perms keeps local users from looking > at your things yes but keep in mind that a local user can look at your > url, know fairly well that there is an index.html, index.htm or > index.shtml there. even with these permissions they ca

Re: apache, public_html, and security

1997-07-24 Thread Pure Energy
On 24 Jul 1997, Manoj Srivastava wrote: > Hi, > > Even if the users home directory is o-rw, and the public_html > directory is o+rx, any other user can still read the files in the > public_html directory. (try it) > > manoj Ok this is how i have things setup.. No one can see

Re: apache, public_html, and security

1997-07-24 Thread Manoj Srivastava
Hi, Even if the users home directory is o-rw, and the public_html directory is o+rx, any other user can still read the files in the public_html directory. (try it) manoj -- "The greatest warriors are the ones who fight for peace." Holly Near Manoj Srivastava mail

Re: apache, public_html, and security

1997-07-24 Thread Ingo Fischenich
[EMAIL PROTECTED] writes: > Make sure, that the permissions on the public_html are set to o+rx : > > drwxrwxr-x 2 elmarmartinb 1024 Jun 23 00:54 public_html You only need to set o+x for public_html with apache 1.2.1 ingo -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail th

Re: apache, public_html, and security

1997-07-24 Thread Martin . Bialasinski
On 23 Jul, Paul Miller wrote: > is there a way I can prevent users from looking at other user's dirs and > still have the public_html function of apache (v1.2.1)? > I think you can do this: If you have: drwxrwxr-x 6 elmarelmar1024 Jun 23 00:48 elmar (this is the homedir of user

Re: apache, public_html, and security

1997-07-23 Thread Manoj Srivastava
>>"Paul" == Paul Miller <[EMAIL PROTECTED]> writes: Paul> is there a way I can prevent users from looking at other user's Paul> dirs and still have the public_html function of apache (v1.2.1)? Not trivially. The http server process runs as user www-data (for apache, boa runs as user nobo

apache, public_html, and security

1997-07-23 Thread Paul Miller
is there a way I can prevent users from looking at other user's dirs and still have the public_html function of apache (v1.2.1)? Paul -- TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to [EMAIL PROTECTED] . Trouble? e-mail to [EMAIL PROTECTED] .