Email address obfuscation in effect -- please
click here to turn it off.
[
Date Prev][
Date Next][
Thread Prev][
Thread Next][
Date Index][
Thread Index]
On Thu, 20 Mar 2008 EMAIL:PROTECTED wrote:
I've copied this over to the members list, as it probably belongs there.
Good point.
So from a security standpoint, you are granting access only to files
inside the public_html folder in each user's home folder, not the home
folder itself.
True, but there is another thing to look out for -- users may be allowed
to use symlinks to direct the server to any location on the system. If
that is allowed, and they do this...
cd ~/public_html
ln -s / root
...so much for your security! And believe me, I know that works because I
just did it (and then undid it) on my own system. The web server will
then display any files on the system that the server has permission to
read. The server group might be "nobody" or "apache," but many files are
readable by all.
So you might want to disallow this. I think the directive is
"FollowSymLinks" and you'll want to turn that off.
Mike
_______________________________________________
members mailing list
EMAIL:PROTECTED
http://mlug.missouri.edu/mailman/listinfo/members
Home | FAQ | Server | Presentations | Mailing Lists/Archives | Member Tools | Links | Sponsors | Contact