httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From dgau...@hotwired.com (Dean Gaudet)
Subject Re: WWW Form Bug Report: "access.conf - directory tags not overriding properly?" on Linux (fwd)
Date Mon, 19 Aug 1996 04:26:44 GMT
In article <hot.mailing-lists.new-httpd-199608190340.XAA27645@luers.qosina.com>,
Aram Mirzadeh  <new-httpd@hyperreal.com> wrote:
>Can anyone tell what this guy is talking about? 

He's complaining about the overide nature of the configuration files...
similar to the whining I've been doing a few times.  i.e. it's not
clear that directives belonging to a module are overridden as a group,
and don't affect other modules.

Dean

>
>
>Howard Goff said:
>> From: Howard Goff <Howard@AlaskaOne.com>
>> 
>> The intent is to lock out the actual root of the filesystem (as opposed to the document
root)
>> and then add access back on an as needed basis to the multiple document roots we
have
>> on our server.
>> 
>> Further testing on my part has indicated the following:
>> 
>> <Directory />
>> order	allow,deny
>> deny from all
>> </Directory>
>> <Directory /home/user1/html>
>> order	allow,deny
>> allow from all
>> </Directory>
>> 
>> yields the expected result of letting Apache server files from the /home/user1/html
>> directory.  If _instead_ of "Allow From All", I use "AuthType Basic" with a .htpasswd
file
>> the server cannot access files in the user's directory.
>> 
>> The correct response seems now to be to use _both_ "allow from all" and "Auth..."
>> in the subdirectory's security.
>> 
>> So it seems that Auth statements will not override a "deny from all" statement. 
This 
>> makes sense now that I know about it.  You may want to include something
>> in the documentation about the order of precedence of the various security directives.
>> 
>
>-- 
>Aram Mirzadeh						awm@qosina.com
>MIS Manager				      Apache httpd team member
>Qosina Corporation				    aram@hyperreal.com
>http://www.qosina.com/			    http://www.qosina.com/~awm
>PGP Key 			http://www.qosina.com/~awm/pgpkey.html
>Key Sig 	      BE 49 9D F6 2A A7 22 FC  02 E9 1E 3D F7 0C 67 A0
>
>"I've heard snappier comebacks from a bowl of Rice Krispies. 
>				-- Charles Emerson Winchester III
>



Mime
View raw message