On Mar 9, 2016, at 6:38 PM, Francis Roy <li...@unimportantstuff.com> wrote: > Thank you that answers my question quite nicely. It's not a giant flag waving > at the internet, but if someone got a hold of my machine directly, it could > provide a small bit of information used in a general strategy.
Right. It's not automatically unsafe to allow other users to see your mounted disks' contents[1], but the casual user's expectation is that user A can't tell what files user B has, so the default setup is to disallow that. But if you *want* to expose some files to other users (in this case, to the "_www" user that Apache runs as) then it's reasonable to give them execute (aka search) and possibly read permission. --------------------------------------------------------------------- To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org For additional commands, e-mail: users-h...@httpd.apache.org
