On Tue, Aug 24, 2004 at 03:09:04PM -0600, RYAN vAN GINNEKEN wrote: > SEE ERROR BELOW > > Was playing with permissions on my home dirs last night and changed > everything to chmod 700 had some problem with users looking at and > copying other users webpages. I have a directory in each users home > dir named www where they keep there web files ie > /usr/home/username/www so i guess when i changed everything to 700 > apache was unable to use these files. > > Now i have tried the best i can to change everything back set to > chmod to 655 and even tried moving a site to /usr/local/www/username > in hope that apache could read it there but no luck what has happened > please help. > > Wait now things have started to work, for the web site that i moved to > /usr/local/www/username. There seems to be some lag after i make > changes to the permissions and restart apache is this possible. > > I have a real mess on my hands now guess i will have to play with > permissions and modes now to get all the sites backup. How do i set > up home directories that are secure for each user ie other users on > the system cannot read them but apache can. Should i move all web > pages to the /usr/local/www dir. Also is there some way to automate > this so that when i create a new user or modify a file things will > work correctly. Have been using UNIX for many years finally got up > the courage to play with modes and perms. Guess i shot myself in the > foot like i have been warned about by many people and docs. <snip>
A better approach would be to set each users home dir itself to 700 permissions, not necessarily all the files and directories in each users dir. Are you using a httpd.conf directive such as <Directory /home/*/public_html> to allow users to publish files from their home dir, or are you putting sym links in the web root? Nathan -- PGP Public Key: pgp.mit.edu:11371/pks/lookup?op=get&search=0xD8527E49
pgp8QHJ10Aiig.pgp
Description: PGP signature
