On Thu, Dec 06, 2001 at 12:55:25PM -0800, Andrew Ho wrote: > Hello, > > PL>That's the price you pay for this functionality. Because we use > PL>Apache's native file serving code we need a url->directory mapping > PL>somewhere. > PL> > PL>Of course you don't need to make the entire docroot writable, just the > PL>directory corresponding to your script. > > Apologies if this is obvious--I haven't downloaded and tried this module > yet. But would it not be possible to specify a separate directory > altogether and make it serveable (<Directory ...> ... Allow from all ...)? > If so perhaps it'd be easy to add this as a configurable parameter.
Yes, you can do this using the regular Apache directives: # mkdir /var/cache/www/mydir # chown apache /var/cache/www/mydir # vi /etc/httpd/conf/httpd.conf .... <Directory /var/cache/www/mydir> AllowOverride None Order allow,deny Allow from all </Directory> Alias /mydir/ /var/cache/www/mydir/ > In general it is a fine idea to not make the DocumentRoot writeable by the > web user. In fact, I believe it is a good policy that the web user should > be able to write only to a small subset of controlled locations. Yes, I agree totally! I'll add some warning to the docs to make sure that people do not inadvertently misconfigure their servers.. -- Paul Lindner [EMAIL PROTECTED] ||||| | | | | | | | | | mod_perl Developer's Cookbook http://www.modperlcookbook.org Human Rights Declaration http://www.unhchr.ch/udhr/index.htm