I'd like to know if there is a way to tell apache httpd to fork as 'REMOTE_USER' instead of 'User' variable defined in httpd.conf. The idea is to export a filesystem through HTTP (Dav), and instead of giving apache's user read/write access on the files and play with .htaccess for each folder, let apache fork as the authenticated user so that I can use POSIX rights to give access.
What you're talking about is called "Privilege separation". Please see the wiki page on the subject, which goes into the topic in detail and discusses the difficulties and various potential solutions:
https://wiki.apache.org/httpd/PrivilegeSeparation -- Mark Montague mark@xxxxxxxxxxx --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|