Solved

user dir access

Posted on 2001-08-14
5
231 Views
Last Modified: 2010-03-04
Hello experts.
I've got a pretty easy question for you.
I've set up apache to let users have a public_html dir in their home dir (UserDir public_html)

To get it to work i had to chmod 755 the all the users dirs, otherwise it would give me '403 Forbidden...' errors.

Is there any other way to let users have their public_html dirs without letting all the other users access their home dirs?

0
Comment
Question by:nikitin
5 Comments
 

Accepted Solution

by:
phlc earned 34 total points
ID: 6385646
user@host:/home/user$ chown user:user public_html

this will give the 755 just for the USER on you public_html dir, and others cant have access .


0
 
LVL 15

Assisted Solution

by:samri
samri earned 33 total points
ID: 6391699
nikitin,

I have checked the Apache docs, and did my own testing,  itt's fruitless.  Apache seems to require read-access to the folder, and it's parent folder.

Apache somehow need to be executed as ono user (just like anyother user on the system).  Perhaps, you could run apache as root, and the problem with user directory restriction will not be a proble.  But this will impose another security issue.

I still believe that the is a way around this limitation.. but yet to fid out.

good luck.
0
 
LVL 2

Assisted Solution

by:pheur
pheur earned 33 total points
ID: 6410790
A compromise solution:
chmod 711 ~user
chmod 755 ~user/public_html
If you have all users in the same group (like in SlackWare) change the first line to:
chmod 701 ~user
The users won't see the content of each other's directory, but they may access files if they know the names and have the permissions on those files/dirs (public_html is one of these)

Alternatively, setup for each user a different space to put their homedir (such as /var/user-www/username) and use mod_rewrite to make the redirection (http://httpd.apache.org/docs/mod/mod_rewrite.html). In this case you can chmod 700 the homedirs.

Running apache as root is out of question. If I remember well you have to recomile it specially to accept that.

----
Radu-Adrian Feurdean
Brainbench Linux MVP
0

Featured Post

Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

Join & Write a Comment

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
It is possible to boost certain documents at query time in Solr. Query time boosting can be a powerful resource for finding the most relevant and "best" content. Of course the more information you index, the more fields you will be able to use for y…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

743 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now