Re: apache, public_html, and security
On Thu, 24 Jul 1997 Martin.Bialasinski@uni-koeln.de wrote:
> Sure, but what's the problem ? Maybe I misunderstood the original
> question. I think he wants to keep the users homedir and subdirs other
> than public_html secret. And public_html readable and browsable by
> all/the webserver.
> ------------------------------------------------------------------------
> is there a way I can prevent users from looking at other user's dirs and
> still have the public_html function of apache (v1.2.1)?
> ------------------------------------------------------------------------
>
> If you want restrictions on public_html you have to look at .htaccess
>
Ahh sorry :) .. to prevent localusers from looking at others user's dirs
simply chmod o-r /home/user
drwxr-x--x 40 adren adren 3072 Jul 24 20:51 adren
This way if a user cd's to anothers home dir and type "ls" they get this
ls: .: Permission denied
If your users are all in the same "group" remember that you will have to
chmod go-r /home/user
drwx--x--x 40 adren staff 3072 Jul 24 20:51 adren
I have my public_html perms set the same with chmod go-r public_html. It
doesn't matter really as long as it's +x by all.
drwx--x--x 27 adren adren 2048 Jul 9 23:02 public_html
Apply these to your user dirs and things will work the way you wish :)
-Rob
--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org .
Trouble? e-mail to templin@bucknell.edu .
Reply to: