httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Amit Athavale <amit_athav...@persistent.co.in>
Subject Re: WebDAV and reading / writing files as system users
Date Fri, 30 Apr 2004 05:59:45 GMT
Greg Stein wrote:

>>One thing I would like to be able to do is have the DAV server read and 
>>write files as system users, along the lines of what suexec achieves for
>>cgi programs. Obviously the DAV server would need to run as root (or 
>>have some mechanism like suexec) in order to achieve this, and would 
>>probably be set up as a private stripped down DAV-only server hiding 
>>behind a reverse proxy of some kind in order to improve security.
>>    
>>
>
>Eesh. This has tended to come up w.r.t mod_dav for over five years now. My
>point of view is best summarized in this email:
>
>  http://mailman.lyra.org/pipermail/dav-dev/2000-November/001746.html
>
>I really don't recommend it. Why do you need to have different owners for
>the files? Are people going to be logging onto the box and need to
>interact with the files locally? That has a number of other problems (such
>as staying in sync with mod_dav w.r.t locking and properties and atomicity
>of requests, etc).
>
>My POV has been (for a LONG while now): the DAV repository is private to
>the web server and the mod_dav module. Don't let local users near it.
>
May be DAV ACL is the way to go ?

AFAIK WebDAV+ACL+some kind authentication serves the purpose where each
user having it own area and he can play with permissions of files and 
yet you have
private repository and user doesn't have a clue of how the back-end 
storage is
managed !


Mime
View raw message