[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Users deleting public_html and log causing Apache to fail startup

> But won't "rmdir ." succeed if they are in the public_html directory?

rmdirs _below_ client1/site1/cgi-bin/ and client1/site1/htdocs/ would
all work.

rmdirs of client1/site1/htdocs/, or client1/site1/cgi-bin/ themselves
will not work as that requires modifying the parent directory
(client1/site1) for which the client has no write priviliges.

With that.... wouldn't the client be unable to mkdir client1/site1/testdir

Since client1/site1 is owned by root, and only client1/site1/cgi-bin and
client1/site1/htdocs are owned by the user, the user could only create
directories in those 2 directories, and anywhere else they cannot?

If that were true, that wouldn't be an optimal solution, because the
clients tend to also want to put stuff in directories not accessable by
the web at all. Sometimes, for example, they mkdir
client1/site1/creditcarddetails or something like that, so it is outside
the htdocs directory, but accessable to them via SSH or FTP or something.

I was just thinking about (using your examples) making the htdocs and
cgi-bin directories immutable (+i). However, I am not very familiar with
using those "flags" so Im not certain as to what consequences that would
have... making it immutable means that the directory won't be able to be
deleted, but files CAN be added/deleted within the immutable directory
directory, right?

----- Original Message -----
From: "Peter Palfrader" <weasel@debian.org>
To: "Chris Wagner" <wagnerc@plebeian.com>
Cc: <debian-isp@lists.debian.org>
Sent: Friday, July 05, 2002 11:12 AM
Subject: Re: Users deleting public_html and log causing Apache to fail

To UNSUBSCRIBE, email to debian-isp-request@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

Reply to: