httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Michael Weber" <mwe...@alliednational.com>
Subject [users@httpd] Multiple publishers, security question
Date Thu, 12 Dec 2002 18:41:12 GMT
I am putting an intranet together where each department will maintain 
their own web pages under the main intranet page.  My question is, what

is the right way to have hr publish to intranet/hr, is publish to 
intranet/is, etc.

What I have tried without success is to create a /home/hr/www directory

and symlink that to /var/intranet/html/hr.  Doing this allows hr to 
publish, but apache gives 403's.  (I checked for read access, .htaccess
files,
etc.)

So, I turned it around.  I created a /var/intranet/html/is directory, 
changed the owner to is:is, and linked that to /home/is/www.  Now
apache 
can see the files, but the users can't publish files.  M$ Explorer
see's 
the symlink as a file rather than a folder.  (No flames, please.  We 
have users maintaining web pages who still look for the "any" key!)

What I did as an interim measure is to create the 
/var/intranet/html/<department-code> directories, change ownership, and

insert that directory into /etc/passwd as the home directory.  Everyone

is happy, except me.  I'm fairly certain there is a better, more
secure, 
more standard way to do this.

I've looked in the archives but I can't come up with a search string 
that gives me anything close.

What's the best practice here?

Thanx!

Michael


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message