[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[ale] Apache Security Question



Hi all,
	
	I run apache at home on my mdk-8.2 box. This is the small security problem 
that I have.

Each user has his webpage at

/home/USERNAME/web/

and I use NameVirtualHost directives to get to the directory for different 
users.

However since Apache( httpd ) runs as nobody:nobody its not able to read those 
directories and I get a permission denied.

My solution was to chmod 777 /home/USERNAME and
chmod -r 777 /home/USERNAME/web

But this solution is inelegant as each user can see each others files by just 
changing directories. .htaccess files have no meaning at this point between 
users on the same box.

How can I solve this ?

-- 
------------------------------------------------------------------------ 
Prasanna Subash            |
Linux, the choice          | Noone ever built a statue to a critic. 
of a GNU generation   -o)  | 
Kernel 2.5.18          /\  | 
on a i686             _\_v | 
                           | 
------------------------------------------------------------------------ 


---
This message has been sent through the ALE general discussion list.
See http://www.ale.org/mailing-lists.shtml for more info. Problems should be
sent to listmaster at ale dot org.