chmod o+x /home/*
is all you need for the users. It allows the world
to enter the directories but not list them. I
would recommend:
find /home -type d -name public_html -exec chmod 2750 {} \;
find /home -type d -name public_html -exec chown -R .apache {} \;
which sets the group sticky bit on the public_html directories.
All new files/directories created in public_html will have group
apache.
HTH,
Bill Shirley
PS. It is secure if everything in ~/ has the correct permissions.
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Behalf Of Todd Slater
Sent: Monday, May 10, 2004 4:30 PM
To: Mandrake Newbie
Subject: Re: [newbie] apache making me batty
On Mon, May 10, 2004 at 03:27:10PM -0400, Todd Slater wrote:
On a 9.1 box running highest level security with Apache
1.3. I'm trying
to access the ~/username directory but keep getting 403
forbidden error.
~/public_html is readable by all
~/public_html/index.html is readable by all
In /etc/httpd/conf/commonhttpd.conf I have:
Directory /home/*/public_html
AllowOverride All
Options MultiViews -Indexes Includes FollowSymLinks
IfModule mod_access.c
Order allow,deny
Allow from all
/IfModule
/Directory
which seems to be pretty standard. I don't see anything in
the apache
logs other than the 403 errors. Anybody know what's up with that?
Well it seems that ~/ needs to be +x, too, so chmod 755 ~/. It works,
but do you reckon it's safe? Also, msec's bound to change permissions
any second now, back to the archives!
Todd
--
Name that tune #18: When you own a big chunk of the bloody third world
the babies just come with the scenery.
Want to buy your Pack or Services from MandrakeSoft?
Go to http://www.mandrakestore.com
Join the Club : http://www.mandrakeclub.com
