hans schneidhofer wrote on Sun, Sep 22, 2002 at 02:48:32PM +0200 : > have discovered a "new" behavior in mdk 8.2 in the directory
yes, it has to do with making things super secure by default and then
only allowing access to what you open up manually (ie so that a user who
finds a why to exploit the system to show you paths outside of the
configured areas, such as /etc/*, will not be permitted).
> listing. thats the first.
> the 2nd thing, I doesn't understand is, I made a new directory mysql,
> made a cd and then a ln -s to the manual.htl of mysql, but now I got a
Where is that directory? That's going to be the directory (the real
path, not the symlink location) that needs to be allowed.
The first thing that apache does is reject all access to the file system
starting at /. The second thing that it does is allow access to the
file system starting at /var/www/html, but with Indexes turned off and
it also forbids symlinks from being followed (unless they are pointing
to something inside /var/www/html). The third thing that it does is
allow access to a specific symlink, the manual, by saying that
/usr/share/doc/apache-manual-1.3.23 is allowed. This third step allows
the symlink in /var/www/html that points to
/usr/share/doc/apache-manual-1.3.23 to actually work.
So in summary, what you need to do is enable the actual path
/path/to/mysql to be allowed using a <Directory></Directory> set of
tags. Do it somewhere in the vicinity of where /var/www/html is
defined. An example:
<Directory /path/to/mysql>
Options +Indexes
# if you want to allow ftp style file lists
Allowoverride all
Order allow,deny
Allow from all
# Could also do something like "Allow from 192.168.1.0/255.255.255.0"
# Deny from _something_ could also be used to allow specific hosts/nets
Blue skies... Todd
--
MandrakeSoft USA http://www.mandrakesoft.com
Never take no as an answer from someone who's not authorized to say yes.
--Ben Reser on Cooker ML
Cooker Version mandrake-release-9.0-0.3mdk Kernel 2.4.19-12mdk
msg57935/pgp00000.pgp
Description: PGP signature
