chmod o+x /home/*
is all you need for the users. It allows the world
to enter the directories but not list them. I
would recommend:
find /home -type d -name public_html -exec chmod 2750 {} \;
find /home -type d -name public_html -exec chown -R .apache {} \;
which sets the group sticky bit on the public_html directories.
All new files/directories created in public_html will have group
apache.
HTH,
Bill Shirley
PS. It is secure if everything in ~/ has the correct permissions.
> -----Original Message-----
> From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
> Behalf Of Todd Slater
> Sent: Monday, May 10, 2004 4:30 PM
> To: Mandrake Newbie
> Subject: Re: [newbie] apache making me batty
>
>
> On Mon, May 10, 2004 at 03:27:10PM -0400, Todd Slater wrote:
> > On a 9.1 box running highest level security with Apache
> 1.3. I'm trying
> > to access the ~/username directory but keep getting 403
> forbidden error.
> >
> > ~/public_html is readable by all
> > ~/public_html/index.html is readable by all
> >
> > In /etc/httpd/conf/commonhttpd.conf I have:
> >
> > <Directory /home/*/public_html>
> > AllowOverride All
> > Options MultiViews -Indexes Includes FollowSymLinks
> > <IfModule mod_access.c>
> > Order allow,deny
> > Allow from all
> > </IfModule>
> > </Directory>
> >
> > which seems to be pretty standard. I don't see anything in
> the apache
> > logs other than the 403 errors. Anybody know what's up with that?
>
> Well it seems that ~/ needs to be +x, too, so chmod 755 ~/. It works,
> but do you reckon it's safe? Also, msec's bound to change permissions
> any second now, back to the archives!
>
> Todd
>
> --
> Name that tune #18: When you own a big chunk of the bloody third world
> the babies just come with the scenery.
>
>
____________________________________________________
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
____________________________________________________
