Solved

user dir access

Posted on 2001-08-14
5
244 Views
Last Modified: 2010-03-04
Hello experts.
I've got a pretty easy question for you.
I've set up apache to let users have a public_html dir in their home dir (UserDir public_html)

To get it to work i had to chmod 755 the all the users dirs, otherwise it would give me '403 Forbidden...' errors.

Is there any other way to let users have their public_html dirs without letting all the other users access their home dirs?

0
Comment
Question by:nikitin
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 

Accepted Solution

by:
phlc earned 34 total points
ID: 6385646
user@host:/home/user$ chown user:user public_html

this will give the 755 just for the USER on you public_html dir, and others cant have access .


0
 
LVL 15

Assisted Solution

by:samri
samri earned 33 total points
ID: 6391699
nikitin,

I have checked the Apache docs, and did my own testing,  itt's fruitless.  Apache seems to require read-access to the folder, and it's parent folder.

Apache somehow need to be executed as ono user (just like anyother user on the system).  Perhaps, you could run apache as root, and the problem with user directory restriction will not be a proble.  But this will impose another security issue.

I still believe that the is a way around this limitation.. but yet to fid out.

good luck.
0
 
LVL 2

Assisted Solution

by:pheur
pheur earned 33 total points
ID: 6410790
A compromise solution:
chmod 711 ~user
chmod 755 ~user/public_html
If you have all users in the same group (like in SlackWare) change the first line to:
chmod 701 ~user
The users won't see the content of each other's directory, but they may access files if they know the names and have the permissions on those files/dirs (public_html is one of these)

Alternatively, setup for each user a different space to put their homedir (such as /var/user-www/username) and use mod_rewrite to make the redirection (http://httpd.apache.org/docs/mod/mod_rewrite.html). In this case you can chmod 700 the homedirs.

Running apache as root is out of question. If I remember well you have to recomile it specially to accept that.

----
Radu-Adrian Feurdean
Brainbench Linux MVP
0

Featured Post

Enroll in June's Course of the Month

June’s Course of the Month is now available! Experts Exchange’s Premium Members, Team Accounts, and Qualified Experts have access to a complimentary course each month as part of their membership—an extra way to sharpen your skills and increase training.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
If your site has a few sections that need to be secure when data is transmitted between the server and local computer, such as a /order/ section for ordering or /customer/ which contains customer data, etc it would of course be recommended to secure…
Michael from AdRem Software outlines event notifications and Automatic Corrective Actions in network monitoring. Automatic Corrective Actions are scripts, which can automatically run upon discovery of a certain undesirable condition in your network.…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …

707 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question