httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Rodent of Unusual Size <Ken.C...@Golux.Com>
Subject Re: Srtting up permissions questions
Date Tue, 18 Dec 2001 21:54:28 GMT
"Lawrence, Sean" wrote:
> 
> I could see how that could lead to issues.  So might using mod_sql and
> mod_auth be a bettet alternative?  It's linux btw.

The only module (in the standard Apache bundle) that has this
enhancement is the text-based mod_auth.  Rather than using
'require valid-user', which will allow any user in the AuthUserFile
to have access, or 'require user foo', which will only allow
user foo access, 'require file-owner' will only allow access to
someone who authenticates with a username that matches the
one associated with the UID that owns the file.  So two files
side-by-side with different owners would not be accessible
to their respective users.

How you maintain the AuthUserFile is, of course, up to you.
It's possible in some cases to point it at the system authentication
database (e.g., /etc/passwd), but that's definitely *not* something
I'd recommend, for various reasons.
-- 
#ken	P-)}

Ken Coar, Sanagendamgagwedweinini  http://Golux.Com/coar/
Author, developer, opinionist      http://Apache-Server.Com/

"All right everyone!  Step away from the glowing hamburger!"

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message