Re: SOLVED (sort of) - Re: OT: Accessing users' pages on Apache
Kent West said:
> That did it.
>
> But this seems like a fundamental flaw. User's should be restricted
> (generally speaking) to writing only to their own home directories, so
> it seems this is the place for them to put their web pages. But opening
> up their home directories to world execute seems like a bad idea.
if you believe this to be the case then setup another place to host
user's html stuff would be the best solution. since apache does not run
as root it has no way of accessing those files.
take for example:
[root@aphro:/tmp]# mkdir -p www/test
[root@aphro:/tmp]# chmod 755 www
[root@aphro:/tmp]# chmod 700 www/test
[root@aphro:/tmp]# mkdir www/test/public_html
[root@aphro:/tmp]# chmod 555 www/test/public_html
[root@aphro:/tmp]# echo blah >www/test/public_html/index.html
[root@aphro:/tmp]# su www-data
[www-data@aphro:/tmp]# id
uid=33(www-data) gid=33(www-data) groups=33(www-data)
[www-data@aphro:/tmp]# cd www/test/public_html
sh: cd: www/test/public_html: Permission denied
[www-data@aphro:/tmp]# cat www/test/public_html/index.html
cat: www/test/public_html/index.html: Permission denied
you could do something like, create directories /var/www/westk/public_html
and change apache's config UserDir to /var/www/*/public_html then in
the user's actual homes symlink public_html to /var/www/*/public_html
if you wanted to be more protective of the permissions.
glad you got it workin, I knew it was something simple :)
nate
Reply to: