httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Todd Hivnor <>
Subject RE: [users@httpd] Limiting COPY method for WebDAV to one direction
Date Wed, 29 Nov 2006 20:50:27 GMT
Mark, thank for the clues. I guess I will need to tinker with OS-level file permissions to
solve this. I was hoping for a pure-Apache solution, and am a bit disappointed with the granularity
of control over COPY operations. But I can work around the issue using file level permissions.

Thanks for the clue.

Mark Lavi <> wrote:        v\:* {behavior:url(#default#VML);} o\:* {behavior:url(#default#VML);}
w\:* {behavior:url(#default#VML);} .shape {behavior:url(#default#VML);}      st1\:*{behavior:url(#default#ieooui)
}                     Ah, you’ve changed the scope of your question. J
  So long as you leverage an Apache authorization module with user and group permissions,
I would think you could control permissions on who can do what per directory easily, but for
this solution, you would not give both groups WebDAV access.
  One group (read only) could browse the web server and download contents of the autogenerated
directory while the other group would be authenticated to have WebDAV privileges. It’s simpler
to manage and granular to the directory, but not exactly what you are asking for because not
both groups are given WebDAV permissions. So the read only group could not do a select all
files to download, much like a network drive operation, unless they used some sort of browser
  Configuration would be something like (I’m doing this off the top of my head for illustration,
please don’t expect to cut and paste this without syntax correction and adaptation for your
  <Directory "/www/docroot/projects/X">
    Options Indexes
    AllowOverride None
    AuthType Basic
    AuthName "Only group X can publish!"
    AuthUserFile /home/www/acl/htpasswdfile
    AuthGroupFile /home/www/acl/groupfile
    DAV On
    <LimitExcept GET HEAD OPTIONS>
     Require group X
Mark Lavi, Enterprise Web Management Team @ SGI || phone:+1-650-933-7707

  From: Todd Hivnor [] 
 Sent: Tuesday, November 28, 2006 11:15 AM
 Subject: RE: [users@httpd] Limiting COPY method for WebDAV to one direction
  Updating the permissions on the file system will work for folders which are strictly read-only.
But in a lot of cases, I want the folder to be readable by group X and writable by group Y.

 Mark Lavi <> wrote:
    I don’t know of an Apache/WebDAV solution off the top of my head for your requirement,
but it is probably easiest to address this from the filesystem: change the permissions on
the directory to be read only.
Mark Lavi, Enterprise Web Management Team @

 SGI || phone:+1-650-933-7707

    From: Todd Hivnor [] 
 Sent: Monday, November 27, 2006 3:44 PM
 Subject: [users@httpd] Limiting COPY method for WebDAV to one direction
I am running WebDAV on my Apache 2.0.51 server on Fedora Core 2. 
  I would like to allow users to copy files _from_ a certain directory, 
  but not _into_ it. However, if I allow the COPY method (via a the 
  LimitExcept tag)  then I am allowing copy _from_ and copy _to_. There doesn't 
  seem to be able to any means to control the direction of the copy 
  Is there are way to

 configure this? It seems like a fairly basic 
  requirement: a read-only WebDAV folder which allows users to copy files into 
  their personal directories, with a direct HTTP COPY call. 
   - Todd
  Everyone is raving about the all-new Yahoo! Mail beta.

Check out the all-new Yahoo! Mail beta - Fire up a more powerful email and get things done
View raw message