
Re: Users deleting public_html and log causing Apache to fail startup



On Fri, Jul 05, 2002 at 11:38:53AM +1000, Jason Lim wrote:
> > But won't "rmdir ." succeed if they are in the public_html directory?
[...]
> I was just thinking about (using your examples) making the htdocs and
> cgi-bin directories immutable (+i). However, I am not very familiar with
> using those "flags" so I'm not certain as to what consequences that would
> have... making it immutable means that the directory won't be able to be
> deleted, but files CAN be added/deleted within the immutable directory,
> right?

I think the +t sticky bit is what you want. From the chmod man page:

STICKY DIRECTORIES
       When the sticky bit is set on a directory, files in that
       directory may only be unlinked or renamed by root or their
       owner.  (Without the sticky bit, anyone able to write to
       the  directory can delete or rename files.) ...

Given this, I would suggest something like this for an example user "abo":

minkirri:~$ dl
total 2
drwxrws--t    4 root     abo            81 Jul  5 13:13 ./
drwxrwsrwx    6 root     root          458 Jul  5 13:17 ../
drwxr-s---    2 root     abo            35 Jul  5 13:13 log/
drwxrwsr-x    2 root     abo            35 Jul  5 13:13 public_html/

Note that ~ only allows "other" execute access. This allows apache to access
and serve ~/public_html, but no "other"s can list ~. The +t setting means
files in this directory can only be deleted/renamed by their owners. The g+s
settings are there to ensure files in these directories are group abo.

Note that ~, ~/log, and ~/public_html are root:abo. The group abo has
read/write access to ~/public_html, but because abo doesn't own it he can't
remove it. The group abo has only read access to ~/log and can't remove it
either.

-- 
----------------------------------------------------------------------
ABO: finger abo@minkirri.apana.org.au for more info, including pgp key
----------------------------------------------------------------------
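As an added example (not part of the original mail), the following shell script reproduces the mode bits from the listing above under a scratch directory and then verifies them with `ls -ld`. It assumes a POSIX shell and a `ls` that prints the usual ten-character mode string; the `root:abo` ownership that actually makes the scheme work is left as a commented `chown` because it needs root and a real `abo` group, so only the setgid/sticky/rwx bits are demonstrated here.

```shell
#!/bin/sh
# Added example, not the mail author's code: build the permission layout from
# the listing (~, ~/log, ~/public_html) and check the resulting mode strings.
set -e

# make_home BASE: create BASE as the "~" of the listing with the same bits.
#   ~             drwxrws--t  -> 3771 (setgid + sticky, group rwx, other x only)
#   ~/log         drwxr-s---  -> 2750 (setgid, group read-only, no "other")
#   ~/public_html drwxrwsr-x  -> 2775 (setgid, group rw, other r-x for apache)
make_home() {
    base=$1
    mkdir -p "$base/log" "$base/public_html"
    chmod 3771 "$base"
    chmod 2750 "$base/log"
    chmod 2775 "$base/public_html"
    # Real deployment step (assumption, needs root and the abo group):
    # chown root:abo "$base" "$base/log" "$base/public_html"
    # With root as owner, the sticky bit on ~ stops abo from removing
    # ~/log or ~/public_html even though the group has write on ~.
}

# mode_of PATH: print the 10-character mode string as ls -ld shows it,
# e.g. "drwxrws--t". Works with both GNU and BSD ls output.
mode_of() {
    ls -ld "$1" | cut -c1-10
}

# check_layout BASE: return 0 only if all three directories carry the
# expected bits from the listing, 1 otherwise.
check_layout() {
    base=$1
    [ "$(mode_of "$base")" = "drwxrws--t" ] || return 1
    [ "$(mode_of "$base/log")" = "drwxr-s---" ] || return 1
    [ "$(mode_of "$base/public_html")" = "drwxrwsr-x" ] || return 1
    return 0
}

# Demonstration when run as DEMO=1 ./script.sh: build the layout in a temp
# directory, show it the way the listing above does, and report.
if [ "${DEMO:-0}" = 1 ]; then
    tmp=$(mktemp -d)
    make_home "$tmp/abo"
    ls -la "$tmp/abo"
    check_layout "$tmp/abo" && echo "layout OK"
    rm -rf "$tmp"
fi
```

Note that the script only shows the bits; the deletion protection described in the mail comes from combining the sticky bit on ~ with root ownership of the subdirectories, so a non-owner in group abo can write inside ~ but cannot unlink ~/log or ~/public_html.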




