hans schneidhofer wrote on Sun, Sep 22, 2002 at 02:48:32PM +0200 : > have discovered a "new" behavior in mdk 8.2 in the directory
yes, it has to do with making things super secure by default and then only allowing access to what you open up manually (ie so that a user who finds a why to exploit the system to show you paths outside of the configured areas, such as /etc/*, will not be permitted). > listing. thats the first. > the 2nd thing, I doesn't understand is, I made a new directory mysql, > made a cd and then a ln -s to the manual.htl of mysql, but now I got a Where is that directory? That's going to be the directory (the real path, not the symlink location) that needs to be allowed. The first thing that apache does is reject all access to the file system starting at /. The second thing that it does is allow access to the file system starting at /var/www/html, but with Indexes turned off and it also forbids symlinks from being followed (unless they are pointing to something inside /var/www/html). The third thing that it does is allow access to a specific symlink, the manual, by saying that /usr/share/doc/apache-manual-1.3.23 is allowed. This third step allows the symlink in /var/www/html that points to /usr/share/doc/apache-manual-1.3.23 to actually work. So in summary, what you need to do is enable the actual path /path/to/mysql to be allowed using a <Directory></Directory> set of tags. Do it somewhere in the vicinity of where /var/www/html is defined. An example: <Directory /path/to/mysql> Options +Indexes # if you want to allow ftp style file lists Allowoverride all Order allow,deny Allow from all # Could also do something like "Allow from 192.168.1.0/255.255.255.0" # Deny from _something_ could also be used to allow specific hosts/nets Blue skies... Todd -- MandrakeSoft USA http://www.mandrakesoft.com Never take no as an answer from someone who's not authorized to say yes. --Ben Reser on Cooker ML Cooker Version mandrake-release-9.0-0.3mdk Kernel 2.4.19-12mdk
msg57935/pgp00000.pgp
Description: PGP signature