* Craig Jackson <cjackson@xxxxxxxxxxxxxxxx> [0451 05:51]: > Hi, > > I am having some trouble setting up read-only webdav Location. Below you Isn't that a 'web page' ? :) > can see that the logs show DELETE and PUT allowed, while the httpd.conf > config for this Location restricts this user to read-only access. So the No, it doesn't - this config allows all options, because you haven't blocked them. > <Limit GET HEAD OPTIONS PROPFIND> > allow from all > </Limit> Try <LimitExcept GET HEAD OPTIONS PROPFIND> deny from all </LimitExcept> > user has more permission than he should have. The directory permissions > you can see below also. Nobody, the Apache user, owns the directory. Now Ick. Nobody shouldn't own files IMO - that's the point of nobody. Might be saner to create a www/www user/group and run apache as that. -- 'The old 'give em a Linux box and they think they're Jean-Luc Picard' syndrome.' -- Pete Bentley Rasputin :: Jack of All Trades - Master of Nuns --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|