httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Dick Davies <rasput...@hellooperator.net>
Subject Re: [users@httpd] read-only webdav folder
Date Sun, 10 Apr 2005 07:47:59 GMT
* Craig Jackson <cjackson@localsurface.com> [0451 05:51]:
> Hi,
> 
> I am having some trouble setting up read-only webdav Location. Below you 

Isn't that a 'web page' ? :)

> can see that the logs show DELETE and PUT allowed, while the httpd.conf 
> config for this Location restricts this user to read-only access. So the 

No, it doesn't - this config allows all options, because you haven't blocked them.

> <Limit GET HEAD OPTIONS PROPFIND>
> 	allow from all
> </Limit>

Try

<LimitExcept GET HEAD OPTIONS PROPFIND>
 	deny from all
 </LimitExcept>


> user has more permission than he should have. The directory permissions 
> you can see below also. Nobody, the Apache user, owns the directory. Now 

Ick. Nobody shouldn't own files IMO - that's the point of nobody. Might be
saner to create a www/www user/group and run apache as that.

-- 
'The old 'give em a Linux box and they think they're Jean-Luc Picard' syndrome.'
		-- Pete Bentley
Rasputin :: Jack of All Trades - Master of Nuns

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message