> > Can some one comments on such a scenario as far as security goes: > > I have a site (site2) and that site's DocumentRoot is "/web" > (/home/sites/site2/web) Then I cam and I created folders to be used. > > Under (/home/sites/site2) I created two folders as follow: > > drwx-wx--- 2 site4_admin httpd 1024 Jun 23 17:14 folder1 > drwx------ 2 httpd site4 1024 Jun 23 19:51 folder2 These directories has no effect whatsoever on httpd, as they're out of the root directory for the site and thus irrelevant (with one expection - cgi scripts CAN access there, and will have full permissions to do everything in those two directories) > Under (/home/sites/site2/web) I have: > > dr-x------ 12 httpd httpd 1024 Jun 23 02:40 folder3 > > > Thus, folder3 is browsable and set to rx just for httpd, now the issue is > that am I violating any Cobalt rules. In other words is it secure to do the > above or am i opening a security whole? Any trouble I might get into other > than the Quota for that virtual site (site2). Same note like before? > > Any advice is highly appreciated, > > KAL > > - shimi _______________________________________________ cobalt-developers mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-developers
