chmod o+x /home/* is all you need for the users. It allows the world to enter the directories but not list them. I would recommend:
find /home -type d -name public_html -exec chmod 2750 {} \; find /home -type d -name public_html -exec chown -R .apache {} \; which sets the group sticky bit on the public_html directories. All new files/directories created in public_html will have group apache. HTH, Bill Shirley PS. It is secure if everything in ~/ has the correct permissions. > -----Original Message----- > From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] > Behalf Of Todd Slater > Sent: Monday, May 10, 2004 4:30 PM > To: Mandrake Newbie > Subject: Re: [newbie] apache making me batty > > > On Mon, May 10, 2004 at 03:27:10PM -0400, Todd Slater wrote: > > On a 9.1 box running highest level security with Apache > 1.3. I'm trying > > to access the ~/username directory but keep getting 403 > forbidden error. > > > > ~/public_html is readable by all > > ~/public_html/index.html is readable by all > > > > In /etc/httpd/conf/commonhttpd.conf I have: > > > > <Directory /home/*/public_html> > > AllowOverride All > > Options MultiViews -Indexes Includes FollowSymLinks > > <IfModule mod_access.c> > > Order allow,deny > > Allow from all > > </IfModule> > > </Directory> > > > > which seems to be pretty standard. I don't see anything in > the apache > > logs other than the 403 errors. Anybody know what's up with that? > > Well it seems that ~/ needs to be +x, too, so chmod 755 ~/. It works, > but do you reckon it's safe? Also, msec's bound to change permissions > any second now, back to the archives! > > Todd > > -- > Name that tune #18: When you own a big chunk of the bloody third world > the babies just come with the scenery. > >
____________________________________________________ Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com Join the Club : http://www.mandrakeclub.com ____________________________________________________