[lug] Relocating Users Web Page Directories
Jeff Schroeder
jeff at neobox.net
Mon Apr 21 08:23:04 MDT 2003
SoloCDM asked:
> What would
> be the best course of action and what documentation would explain
> the steps to make the configurations? As it is, the users home
> directories are purposely configured to block any outside users into
> their accounts?
I find that using simple file/directory permissions I can protect the
users' home directories while allowing web access. All users belong to
a single group (say, "web", or just "users"). Apache is running as a
different group (often "nobody"). Then, you can chmod everyone's home
directory to allow user and world access, but not group:
# chmod 705 /home/bill /home/bob
# ls -l /home
drwx---r-x 66 bill users 4096 Apr 19 17:46 bill
drwx---r-x 66 bob users 4096 Apr 19 17:46 bob
In this way, Bill can't get into Bob's directory, and vice versa.
Apache, running as a different group, can. Within /home/bill you can
then have ~/public_html or whatever, and use any permissions (as long
as it includes world-read, so Apache can see it!).
IMHO this is superior to symlinking everything because it's more
straightforward and easier to maintain.
HTH,
Jeff
More information about the LUG
mailing list