httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Igor Galić <i.ga...@brainsware.org>
Subject Re: [users@httpd] mod_dav - practical use
Date Fri, 08 Oct 2010 15:28:27 GMT

----- "Hajo Locke" <hajo.locke@gmx.de> wrote:

> Hello List,
> 
> a question to mod_dav. Some providers offer mod_dav to edit files
> which are 
> also editable/writeable by ftp-user?
> In most cases ftp-users/apacheuser are different to avoid security
> problems. 
> Whats the trick to make this possible without security risk?

It's not so much a trick.. You reverse-proxy DAV (write) requests to a
back-end which is running on an unprivileged port, as an unprivileged
user, who has the permission to do writes on the FS.

> could imagine a special user/group setup but all my solutions result
> in 
> securityproblems by to much  readability.
> 
> Thanks,
> Hajo 
> 

bye,
i

-- 
Igor Galić

Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.org
URL: http://brainsware.org/

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message