Apache Directory Level access control

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



CentOS-6.5
httpd-2.2.15 (centos)

I am trying to understand how directory access control works in Apache-2.2. 
Does a means exist to revoke access in a subdirectory if access has been
granted in a higher one?  We restrict access to the entire site via htdigest
but some directories are need to be further restricted by the group a user is
assigned to.  I have this situation:


  <Directory />
    AuthType Digest
    AuthName ca.harte-lyne
    AuthDigestDomain /
    AuthDigestProvider file
    AuthUserFile /etc/httpd/access.d/.htdigest
    AuthGroupFile /var/data/hll_dav/htgroup

    Require group staff

    AllowOverride None
    Order allow,deny
    allow from all
    Satisfy All

    Options Indexes MultiViews
    IndexOptions FancyIndexing
    AddDefaultCharset UTF-8
</Directory>

<Directory /Private>
    Require group management
</Directory>

In this setup a member of group staff who is not a member of group management
nonetheless can list and download files in /Private.  I want to prevent this. 
Is this possible and if so then how is this done?



-- 
***          E-Mail is NOT a SECURE channel          ***
James B. Byrne                mailto:ByrneJB@xxxxxxxxxxxxx
Harte & Lyne Limited          http://www.harte-lyne.ca
9 Brockley Drive              vox: +1 905 561 1241
Hamilton, Ontario             fax: +1 905 561 0757
Canada  L8E 3C3

_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos




[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux