httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rob Hartill <>
Subject Lack of documentation on hierarchical evaluation of .htaccess ACLs (fwd)
Date Tue, 15 Oct 1996 16:27:24 GMT

I was yawning my way through this bugs mail and then noticed the
address in the .sig

Not acked.

----- Forwarded message from Raj Gossain -----

Date: Mon, 14 Oct 1996 14:13:48 -0700
From: Raj Gossain <>
Subject: Lack of documentation on hierarchical evaluation of .htaccess ACLs

Trying to determine how Apache handles hierarchical ACLs in content
trees.  I've checked the documentation and understand how the basic
allow, deny, require, order, <LIMIT>, etc. directives work, but I have
not found formal documentation on how ACLs are handled when they vary
hierarchically.  I posted this to comp.infosystems.www.servers.unix, but
received no response.

Based on testing the Apache 1.1 server, Apache requires all .htaccess
files in a path to allow access in order for leaf level access to be
granted.  One might also expect basic leaf-level ACL checking, such that
intermediate directories in a path could have very strict ACLs (e.g.,
administrators only) but the leaf-level directories in a content tree
each have basic user and group access granted to distribute ownership of
individual content directories.

Could someone describe exactly how these hierarchical ACLs are managed?
In addition, it would be helpful to know if this evaluation method is
going to remain the way it is today.  A pointer to some documentation
would be really great.


Raj Gossain                   
Server Marketing              
Netscape Communications Corp.           P: 415.937.3776
501 E. Middlefield Rd.                  F: 415.528.4163
Mountain View, CA  94043

----- End of forwarded message from Raj Gossain -----

View raw message