Solved

user dir access

Posted on 2001-08-14
5
232 Views
Last Modified: 2010-03-04
Hello experts.
I've got a pretty easy question for you.
I've set up apache to let users have a public_html dir in their home dir (UserDir public_html)

To get it to work i had to chmod 755 the all the users dirs, otherwise it would give me '403 Forbidden...' errors.

Is there any other way to let users have their public_html dirs without letting all the other users access their home dirs?

0
Comment
Question by:nikitin
5 Comments
 

Accepted Solution

by:
phlc earned 34 total points
ID: 6385646
user@host:/home/user$ chown user:user public_html

this will give the 755 just for the USER on you public_html dir, and others cant have access .


0
 
LVL 15

Assisted Solution

by:samri
samri earned 33 total points
ID: 6391699
nikitin,

I have checked the Apache docs, and did my own testing,  itt's fruitless.  Apache seems to require read-access to the folder, and it's parent folder.

Apache somehow need to be executed as ono user (just like anyother user on the system).  Perhaps, you could run apache as root, and the problem with user directory restriction will not be a proble.  But this will impose another security issue.

I still believe that the is a way around this limitation.. but yet to fid out.

good luck.
0
 
LVL 2

Assisted Solution

by:pheur
pheur earned 33 total points
ID: 6410790
A compromise solution:
chmod 711 ~user
chmod 755 ~user/public_html
If you have all users in the same group (like in SlackWare) change the first line to:
chmod 701 ~user
The users won't see the content of each other's directory, but they may access files if they know the names and have the permissions on those files/dirs (public_html is one of these)

Alternatively, setup for each user a different space to put their homedir (such as /var/user-www/username) and use mod_rewrite to make the redirection (http://httpd.apache.org/docs/mod/mod_rewrite.html). In this case you can chmod 700 the homedirs.

Running apache as root is out of question. If I remember well you have to recomile it specially to accept that.

----
Radu-Adrian Feurdean
Brainbench Linux MVP
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In my time as an SEO for the last 2 years and in the questions I have assisted with on here I have always seen the need to redirect from non-www urls to their www versions. For instance redirecting http://domain.com (http://domain.com) to http…
Hi, in this article I'm going to teach you how to run your own site, and how to let people in (without IP). I'll talk about and explain each step... :) By the way, everything in this Tutorial is completely free and legal. This article is for …
Migrating to Microsoft Office 365 is becoming increasingly popular for organizations both large and small. If you have made the leap to Microsoft’s cloud platform, you know that you will need to create a corporate email signature for your Office 365…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now