Return-Path: 
 <users-return-59768-apmail-httpd-users-archive=httpd.apache.org@httpd.apache.org>
Delivered-To: apmail-httpd-users-archive@www.apache.org
Received: (qmail 38803 invoked from network); 30 Jan 2006 19:45:44 -0000
Received: from hermes.apache.org (HELO mail.apache.org) (209.237.227.199)
  by minotaur.apache.org with SMTP; 30 Jan 2006 19:45:44 -0000
Received: (qmail 38989 invoked by uid 500); 30 Jan 2006 19:45:29 -0000
Delivered-To: apmail-httpd-users-archive@httpd.apache.org
Received: (qmail 38980 invoked by uid 500); 30 Jan 2006 19:45:28 -0000
Mailing-List: contact users-help@httpd.apache.org; run by ezmlm
Precedence: bulk
Reply-To: users@httpd.apache.org
list-help: <mailto:users-help@httpd.apache.org>
list-unsubscribe: <mailto:users-unsubscribe@httpd.apache.org>
List-Post: <mailto:users@httpd.apache.org>
List-Id: <users.httpd.apache.org>
Delivered-To: mailing list users@httpd.apache.org
Received: (qmail 38969 invoked by uid 99); 30 Jan 2006 19:45:28 -0000
Received: from asf.osuosl.org (HELO asf.osuosl.org) (140.211.166.49)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 30 Jan 2006 11:45:28 -0800
X-ASF-Spam-Status: No, hits=0.3 required=10.0
	tests=HTML_FONT_BIG,HTML_MESSAGE
X-Spam-Check-By: apache.org
Received-SPF: pass (asf.osuosl.org: local policy)
Received: from [158.130.70.79] (HELO stag.seas.upenn.edu) (158.130.70.79)
    by apache.org (qpsmtpd/0.29) with ESMTP; Mon, 30 Jan 2006 11:45:27 -0800
Received: from [10.0.1.2] (c-68-37-196-219.hsd1.nj.comcast.net
 [68.37.196.219])
	(authenticated bits=0)
	by stag.seas.upenn.edu (8.13.3/8.12.10) with ESMTP id k0UJj1cE021770
	(version=TLSv1/SSLv3 cipher=RC4-SHA bits=128 verify=NOT)
	for <users@httpd.apache.org>; Mon, 30 Jan 2006 14:45:05 -0500
Mime-Version: 1.0 (Apple Message framework v746.2)
To: users@httpd.apache.org
Message-Id: <EF52EA09-E208-494F-AE5F-D8FCCDA3578C@seas.upenn.edu>
Content-Type: multipart/alternative; boundary=Apple-Mail-7--718166427
References: <8943626B-D13F-42BE-9AE7-1356CDB5B20D@seas.upenn.edu>
From: "Dr. Stephen Judd" <sjudd@seas.upenn.edu>
Date: Mon, 30 Jan 2006 14:45:07 -0500
X-Mailer: Apple Mail (2.746.2)
X-Virus-Checked: Checked by ClamAV on apache.org
Subject: [users@httpd] permissions problem
X-Spam-Rating: minotaur.apache.org 1.6.2 0/1000/N

--Apple-Mail-7--718166427
Content-Transfer-Encoding: 7bit
Content-Type: text/plain;
	charset=US-ASCII;
	delsp=yes;
	format=flowed

I'm confused about something in the security model of my Apache-run  
website.
I can access all the files that are grandchildren of my DocumentRoot,
(i.e. any file in DocumentRoot/radar is accessible),
but none that are great grandchildren
(i.e. any file in DocumentRoot/radar/data is not accessible).
Instead I get this:
> Forbidden
> You don't have permission to access /radar/data/hi3.html on this  
> server.
>
The message dumped out on the httpd/error_log is this:
> [Mon Jan 30 15:54:49 2006] [error] (13)Permission denied: access  
> to /radar/data/hi3.html denied
Note that this is NOT a "forbidden by rule" message. Hence I believe  
the issue should
be one of file permissions, not one of Apache configuration.

The permissions on the radar directory are these:
> drwxr-xr-x  3 radar radargrp 4096 Jan 27 22:21 radar
The permissions on the data directory are these:
> drwxrwxrwx  4 radar radargrp 4096 Jan 26 09:13 data
More open you cannot get!

Why can radar/data/hi3.html not be accessed???
sj


--Apple-Mail-7--718166427
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
	charset=ISO-8859-1

<HTML><BODY style=3D"word-wrap: break-word; -khtml-nbsp-mode: space; =
-khtml-line-break: after-white-space; "><DIV>I'm confused about =
something in the security model of my Apache-run website.</DIV>I can =
access all the files that are grandchildren of=A0my =
DocumentRoot,=A0<DIV>(i.e. any file in DocumentRoot/radar is =
accessible),</DIV><DIV>but=A0none that are great =
grandchildren</DIV><DIV>(i.e. any file in DocumentRoot/radar/data is not =
accessible).</DIV><DIV>Instead I get this:<FONT class=3D"Apple-style-span"=
 face=3D"Times" size=3D"7" style=3D"font-size: 21px; "><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 16px; =
"><B></B></SPAN></FONT><DIV><DIV><BLOCKQUOTE type=3D"cite"><DIV><DIV><FONT=
 class=3D"Apple-style-span" face=3D"Times" size=3D"7" style=3D"font-size: =
21px; "><SPAN class=3D"Apple-style-span" style=3D"font-size: 16px; =
"><B>Forbidden</B></SPAN></FONT><FONT class=3D"Apple-style-span" =
face=3D"Times" size=3D"4" style=3D"font-size: 12px; "><SPAN =
class=3D"Apple-style-span" style=3D"font-size: 14px; =
"></SPAN></FONT></DIV><P style=3D"margin-top: 0px; margin-right: 0px; =
margin-bottom: 21px; margin-left: 0px; "><FONT class=3D"Apple-style-span" =
style=3D""><FONT class=3D"Apple-style-span" face=3D"Times" =
size=3D"4"><SPAN class=3D"Apple-style-span" style=3D"font-size: =
14px;">You don't have permission to access /radar/data/hi3.html on this =
server.</SPAN></FONT></FONT></P><P style=3D"margin: 0.0px 0.0px 16.0px =
0.0px"></P></DIV></BLOCKQUOTE></DIV></DIV><DIV><SPAN =
class=3D"Apple-style-span">The message dumped out on the httpd/error_log =
is this:</SPAN></DIV><DIV><BLOCKQUOTE type=3D"cite"><DIV>[Mon Jan 30 =
15:54:49 2006] [error] (13)Permission denied: access to =
/radar/data/hi3.html denied</DIV></BLOCKQUOTE></DIV><DIV>Note that this =
is NOT a "forbidden by rule" message. Hence I believe the issue =
should=A0</DIV><DIV>be one of file permissions, not one of Apache =
configuration.</DIV><P style=3D"margin: 0.0px 0.0px 16.0px 0.0px"><FONT =
class=3D"Apple-style-span" face=3D"Times" size=3D"4"><SPAN =
class=3D"Apple-style-span" style=3D"font-size: =
16px;"></SPAN></FONT></P><DIV><DIV><DIV><DIV>The permissions on the =
radar directory are these:</DIV><DIV><BLOCKQUOTE type=3D"cite"><DIV><FONT =
class=3D"Apple-style-span" face=3D"Courier">drwxr-xr-x=A0 3 radar =
radargrp 4096 Jan 27 22:21 radar</FONT></DIV></BLOCKQUOTE></DIV><DIV>The =
permissions on the data directory are these:</DIV><DIV><BLOCKQUOTE =
type=3D"cite"><DIV><FONT class=3D"Apple-style-span" =
face=3D"Courier">drwxrwxrwx=A0 4 radar radargrp 4096 Jan 26 09:13 =
data</FONT></DIV></BLOCKQUOTE></DIV><DIV>More open you cannot =
get!</DIV><DIV><BR class=3D"khtml-block-placeholder"></DIV><DIV>Why can =
radar/data/hi3.html not be accessed???</DIV><DIV>sj</DIV><DIV><BR =
class=3D"khtml-block-placeholder"></DIV></DIV></DIV></DIV></DIV></BODY></H=
TML>=

--Apple-Mail-7--718166427--