Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-17 Thread Yoom Nguyen
:48:23 PM (GMT-0500) America/New_York Subject: Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor On Wed, Oct 15, 2008 at 10:55 PM, Yoom Nguyen [EMAIL PROTECTED] wrote: Eric, I got most of what you described but there are still something unclear to me. If I want the WHOLE directory

Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-17 Thread Eric Covener
On Thu, Oct 16, 2008 at 7:09 PM, Yoom Nguyen [EMAIL PROTECTED] wrote: ** This syntax and options will not allow any network to access * Directory /srv/www/my-domain/images/ Options None Order deny,allow Deny from all Allow from 172.10.10.0/255.255.255.0 /Directory

Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-16 Thread Tom Evans
Eric said: Directory /images/ This should be a physical on-disk directory, not a URL-path or a directory name under your document root. If there's no literal directory /images/ in your filesystem, this snippet configuration never applies. On Wed, 2008-10-15 at 07:52 -0500, Yoom Nguyen

Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-16 Thread Eric Covener
On Wed, Oct 15, 2008 at 8:52 AM, Yoom Nguyen [EMAIL PROTECTED] wrote: Eric, It seems if I enable /srv/www/domainroot/images/* via AppArmor then I don't even need to declare Directory /images/ in Apache configuration file. Is this true? It's true that making the files unreadable via the OS

Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-16 Thread Yoom Nguyen
:34:52 AM (GMT-0500) America/New_York Subject: Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor On Wed, Oct 15, 2008 at 8:52 AM, Yoom Nguyen [EMAIL PROTECTED] wrote: Eric, It seems if I enable /srv/www/domainroot/images/* via AppArmor then I don't even need to declare Directory

Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-16 Thread Eric Covener
On Wed, Oct 15, 2008 at 10:55 PM, Yoom Nguyen [EMAIL PROTECTED] wrote: Eric, I got most of what you described but there are still something unclear to me. If I want the WHOLE directory /images to allow view by the OS (AppArmor) and deny view via the network by every other network except net

[EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-15 Thread Yoom Nguyen
Can anyone tell me what is the different between Apache2 directory access as compare to AppArmor come with SuSE? I though SuSe AppArmor allow administrator to control the files, directory system level access.  And If you define something like these syntax below it will allow

Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-15 Thread Eric Covener
On Wed, Oct 15, 2008 at 7:53 AM, Yoom Nguyen [EMAIL PROTECTED] wrote: Can anyone tell me what is the different between Apache2 directory access as compare to AppArmor come with SuSE? They're independent, and you need to satisfy both to successfully serve a file. Just like Apache config and

Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor

2008-10-15 Thread Yoom Nguyen
, Y - Original Message - From: Eric Covener [EMAIL PROTECTED] To: users@httpd.apache.org Sent: Wednesday, October 15, 2008 10:53:38 PM (GMT-0500) America/New_York Subject: Re: [EMAIL PROTECTED] Apache directory access Suse AppArmor On Wed, Oct 15, 2008 at 7:53 AM, Yoom Nguyen [EMAIL