httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Boyle Owen" <Owen.Bo...@swx.com>
Subject RE: [users@httpd] why is autoindex listing files with mode 700?
Date Mon, 09 Feb 2004 09:50:52 GMT
> -----Original Message-----
> From: Nickolas Winters [mailto:nickolaswinters@yahoo.com]
> 
> I used to use a Linux system back in school that worked in 
> the following way...
> 
>  
> When a list was autoindexed by apache (like, if you did not 
> have an index.html
> file, but only a bunch of other files in the directory), it 
> would only display
> files which has world read permissions. 
>  
> Example: Two files. file1 and file2 
> chmod 755 file1 
> chmod 700 file2 
>  
> when i go to the url I would only see file1. Directories 
> worked the same way,
> they would not appear on the list unless world read 
> permissions were set
> (though you could still access files within if world execute 
> was set and you
> knew path to the file you wanted). 
>  
> I found it very useful to be able to simply use chmod to put 
> up and take down
> shared content quickly and easily without having to copy or 
> move anything. 
>  
>  
> Now on my new installation, 1.3 (same version as the old 
> system) under the same
> conditions, i see both files (though not able to view the 
> second one, it will
> still appear in the list). Directories work the same way, you 
> can see them but
> not access them.
>  
> I'd like to know how to make my new system behave in the way 
> that I'm familiar
> with, but I'm not sure how. I've read all the documentation I 
> could find,
> autoindex module documents, asked on several forums, and 
> asked system admins I
> know, but none of them were able to help me (I even read the 
> over-my-head
> source code for the autoindex module). Alot of times 
> responses I get in forums
> is that it's plain impossible or that I was mistaken about 
> how my old system
> was working, but I am absolutely certain this is how the 
> functionality worked
> on the old system i used (actually I used 4 different 
> unrelated linux servers
> that all behaved this way). 

This came up a while ago on the list (the thread starts here:
http://marc.theaimsgroup.com/?l=apache-httpd-users&m=107329712818765&w=2
) - apparently, there is a difference in behaviour between apache 1.3
(will show inaccessible files) and apache 2.0 (will mask them). So check
your versions.

Personally, I prefer the 1.3 behaviour because this more closely matches
what the shell does (you can ls /etc/shadow but you can't cat it).

Rgds,
Owen Boyle
Disclaimer: Any disclaimer attached to this message may be ignored. 

>  
> If it helps, the old system was RedHat (unknown version) with 
> 1.3, and the new
> is Slackware 9.1 with 1.3 
>  
> Could anyone give me any idea how I could make my new system 
> work that way or
> why the old system might have worked that way by default? 
>  
> Any insight you can give me would helpful. Thank you! 
>  
> -Nick
> 
> __________________________________
> Do you Yahoo!?
> Yahoo! Finance: Get your refund fast by filing online.
> http://taxes.yahoo.com/filing.html
> 
> ---------------------------------------------------------------------
> The official User-To-User support forum of the Apache HTTP 
> Server Project.
> See <URL:http://httpd.apache.org/userslist.html> for more info.
> To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
>    "   from the digest: users-digest-unsubscribe@httpd.apache.org
> For additional commands, e-mail: users-help@httpd.apache.org
> 
> 
Diese E-mail ist eine private und persönliche Kommunikation. Sie hat
keinen Bezug zur Börsen- bzw. Geschäftstätigkeit der SWX Gruppe. This
e-mail is of a private and personal nature. It is not related to the
exchange or business activities of the SWX Group. Le présent e-mail est
un message privé et personnel, sans rapport avec l'activité boursière du
Groupe SWX.

This message is for the named person's use only. It may contain
confidential, proprietary or legally privileged information. No
confidentiality or privilege is waived or lost by any mistransmission.
If you receive this message in error, please notify the sender urgently
and then immediately delete the message and any copies of it from your
system. Please also immediately destroy any hardcopies of the message.
You must not, directly or indirectly, use, disclose, distribute, print,
or copy any part of this message if you are not the intended recipient.
The sender's company reserves the right to monitor all e-mail
communications through their networks. Any views expressed in this
message are those of the individual sender, except where the message
states otherwise and the sender is authorised to state them to be the
views of the sender's company. 



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message