On Tue, Aug 27, 2013 at 3:07 AM, David Robley <robl...@zoho.com> wrote:
>
> I beg to differ here. If the x bit isn't set on a directory, that will
> prevent scanning of the directory; in this case apache will be prevented
> from scanning the directory and will return a 403.
Well, that's partially correct. If a directory is owned by
someone other than the current user (for example, root) and is 0776,
you can list the directory content from outside of the directory to
get a basic file listing. What you won't get by doing that, however,
is anything other than the file name and type, because the kernel is
forbidden from executing mtime, ctime, and owner/group queries on the
files. In addition, you won't be able to enter the directory (cd).
That said, if Ethan is running his Apache server as the user
'ethan' (which isn't mentioned) then it would be fine regardless.
As for the 's' notation, that's either a bitmask of 0400 or 0200,
which are for setuid and setgid, respectively.
--
</Daniel P. Brown>
Network Infrastructure Manager
http://www.php.net/
--
PHP General Mailing List (http://www.php.net/)
To unsubscribe, visit: http://www.php.net/unsub.php
