Re: apache, public_html, and security
On 24 Jul, Pure Energy wrote:
> Having thing set with these perms keeps local users from looking
> at your things yes but keep in mind that a local user can look at your
> url, know fairly well that there is an index.html, index.htm or
> index.shtml there. even with these permissions they can cd to your
> public_html dir and vi index.html (or index.htm index.shtml) and see other
> things you have. Or simply look at the code via the browser. :-)
> Apache already knows where the dirs are so they don't need to be
> readable by group and others. Just keep in mind that while all this is
> fine nothing in the public_html dir can be kept secret if it is viewable
> via the web.
>
Sure, but what's the problem ? Maybe I misunderstood the original
question. I think he wants to keep the users homedir and subdirs other
than public_html secret. And public_html readable and browsable by
all/the webserver.
------------------------------------------------------------------------
is there a way I can prevent users from looking at other user's dirs and
still have the public_html function of apache (v1.2.1)?
------------------------------------------------------------------------
If you want restrictions on public_html you have to look at .htaccess
Ciao,
Martin
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: