I have a Solaris 2.5 (x86) system running the Apache Webserver. The Apache Webserver is running as the "NOBODY" user and "NOBODY" group. The root directory for the Apache Webserver is:
Under this directory are 4 subdirectories:
Within the htdocs directory are all the .htm/.html files, .gif and .jpg images for the "root" webpage (these are the pages that a user sees via a browser when he/she types a URL of http://www.domain.com
ALSO WITHIN the htdocs directory are subdirectories for different webpages. All of the following directories would be examples of this:
Each of these sites are accessed via a browser by entering the URL: http://www.domain.com/webpage~
(where "~" is A, or B, or C, etc.)
Additionally, within each one of the subdirectories (webpageA, webpageB, webpageC, etc.) is a cgi-bin directory.
NOTES: This web server serves a large school district (comprised of 20 separate schools and a main administrative center). The domain for the school is ncusd203.org and the main page (maintained by a webmaster at the administrative center) is located at http://www.ncusd203.org
Each one of the schools has its own webpages. For example, Central H.S. webpages are located at http://www.ncusd203.org/central
Each school has its own "webmaster" that is responsible for that school's webpages. Each individual school's webmaster needs to be able to FTP files into the proper directory, but NOT be able to change directories (cd ..) using their FTP client software to get into any other school's web directory. This is to ensure that a webmaster is only responsible for his/her own individual school and isn't able to "accidentally" delete, modify, etc. any other school's webpages.
Now, for the question, how do I actually set up the permissions to dis-allow the changing of directories by each individual, yet still allow the Apache Webserver to access the needed files (remember, the Apache Webserver is running as NOBODY:NOBODY) and still allow all pages to be viewed by the outside world (via browsers).
I have tried to chmod the ".." file in each directory, but this prevented the webpages from being access via the web.
Any thoughts? I look forward to hearing your answers! Also, please be kind and don't select "answer" to this question unless you are absolutely sure of the answer. This will "lock" out the other experts from giving comments. If a comment provided actually helps me solve this problem, I will email you immeidately and make sure that you are awarded the points! Thanks.