[users@httpd] read-only webdav folder

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi,
I am having some trouble setting up read-only webdav Location. Below you can see that the logs show DELETE and PUT allowed, while the httpd.conf config for this Location restricts this user to read-only access. So the user has more permission than he should have. The directory permissions you can see below also. Nobody, the Apache user, owns the directory. Now I know I'm missing something very very obvious here. Feel free to be as cruel as you like. :) 

Thanks,
Craig Jackson


10.1.1.10 - - [09/Apr/2005:23:27:18 -0500] "OPTIONS /read/ HTTP/1.1" 401 512
10.1.1.10 - joe [09/Apr/2005:23:27:18 -0500] "OPTIONS /read/ HTTP/1.1" 200 -
10.1.1.10 - joe [09/Apr/2005:23:27:18 -0500] "PROPFIND /read/ HTTP/1.1" 207 2124 10.1.1.10 - joe [09/Apr/2005:23:27:50 -0500] "PUT /read/psftp.exe HTTP/1.0" 201 298 10.1.1.10 - joe [09/Apr/2005:23:27:50 -0500] "PROPPATCH /read/psftp.exe HTTP/1.1" 207 394 
10.1.1.10 - - [09/Apr/2005:23:36:21 -0500] "OPTIONS /read/ HTTP/1.1" 401 512
10.1.1.10 - joe [09/Apr/2005:23:36:21 -0500] "OPTIONS /read/ HTTP/1.1" 200 -
10.1.1.10 - joe [09/Apr/2005:23:36:21 -0500] "PROPFIND /read/ HTTP/1.1" 207 2795 10.1.1.10 - joe [09/Apr/2005:23:36:30 -0500] "GET /read/psftp.exe HTTP/1.0" 200 262144 10.1.1.10 - joe [09/Apr/2005:23:36:31 -0500] "DELETE /read/psftp.exe HTTP/1.1" 204 - 

<VirtualHost _default_:443>
ErrorLog logs/webdav_error.log
CustomLog logs/webdav_access.log common

<Directory />
AuthType Basic
AuthName "DAV"
AuthAuthoritative on

# Default access policy -- no access
order deny,allow
deny from all

# Both mod_access and mod_auth must allow
Satisfy all
</Directory>

<Directory /usr/local/apache2/webdav_folders/>
Dav on
DavMinTimeout 3600
AllowOverride None
</Directory>

Alias /read/ /usr/local/apache2/webdav_folders/dav-ro/
<Location /read/>
AuthUserFile var/dav_users.access
require user joe
<Limit GET HEAD OPTIONS PROPFIND>
	allow from all
</Limit>
</Location>

drwxr-x---  4 root www-data 4096 Apr  9 17:14 ../webdav_folders/

total 8
drwxr-x---  4 nobody www-data 4096 Apr  9 23:36 dav-ro
drwxr-x---  2 nobody www-data 4096 Apr  9 17:14 dav-w

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
  "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux