On Mon, Feb 25, 2008 at 12:59 AM, Richard Geddes <rich.geddes@xxxxxxxxxxx> wrote: > Hello, > > I'm using apache 2.2 on Ubuntu 7.10 setting up name-based virtual > hosting . The apache servers servicing requests run as www-data. > > The idea is to allow users to make their own websites under their home > directories, and for the admin to symlink the users' DocumentRoot > directories below main DocumentRoot directory, and have the apache > configuration file with <VirtualHost> sections direct the http requests > appropriately. > > I got this to work correctly, but I had to set the 'other' execution bit > for directories that lead to the users symlinked directory. This means > that users will have execute permissions on each others' directories, > but I want to keep the users strictly separated from each other.... I > think the FAQ suggests this, if I'm not mistaken, but I think there is a > security issue here. Having world-executable (searchable, really) home directories is not an uncommon configuration. Yes, your users need to be a little more careful about the permissions of stuff inside their home directories, but that isn't such a big deal. Alternatively, do the symlink in the other direction: put the directories under DocumentRoot and include a symlink in the home directories pointing to the correct location so your users know what to edit. Joshua. --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|