Mailing List Archive
tlug.jp
Mailing List
tlug archive
tlug Mailing List Archive
|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tlug] Not seeing linked directory in localhost
- Date: Mon, 24 Apr 2006 08:40:25 -0400
- From: Jim <jep200404@example.com>
- Subject: Re: [tlug] Not seeing linked directory in localhost
- References: <20060423180300.68cd68aa.jep200404@example.com> <20060424001707.3a0a7d31.godwin.stewart@example.com> <20060423192231.2cf6db54.jep200404@example.com> <20060424.112453.11157873.dave@?om> <444C96A6.9040200@example.com>
More generally, Dave needs to master the whole concept of UNIX permissions. What tutorials and in-depth tomes can y'all point Dave to? The concept of least privilege is an important one. Dave M G wrote: > It was suggested that 750 might be better just in case I was concerned > about others using my computer. That depends on who's in the group. Even so, I'm wary of it. > But 755 was also suggested. I just now set my /home/dave directory to > 755, and now I can see the web_sites directory at localhost from within > FireFox. 755 allows everyone to roam your home directory, which is lousy from a security standpoint. Even choking ~dave down to 750 where the group includes only apache and dave is poor. Apache only has business reading your web pages, not your home directory (that has many little configuration files). It would be better for dave to have a directory somewhere off of /var that (only) dave had permission to fiddle and that apache could only read. [jim@example.com jim]$ ll -d /var/wwwdave drwxr-xr-x 5 dave apache 4096 Aug 16 2002 /var/wwwdave [jim@example.com jim]$ or [jim@example.com jim]$ ll -d /var/wwwdave drwxr-x--- 5 dave apache 4096 Aug 16 2002 /var/wwwdave [jim@example.com jim]$ Yes, that assumes there is an apache group. It might be called something else on your box, or you might even have to make a group. I would consider having a subdirectory of /var/www/. I.e., [jim@example.com jim]$ ll -d /var/wwwdave/web_sites drwxr-x--- 5 dave apache 4096 Aug 16 2002 /var/wwwdave/web_sites [jim@example.com jim]$ On Sun, 23 Apr 2006 23:57:50 +0900 Dave M G <martin@example.com> wrote: > I checked the permissions on /home/dave/web_sites: > drwxrwxrwx 13 dave dave 4096 2006-04-03 18:35 web_sites 777 permissions are just plain wreckless. Understandable when you are troubleshooting while isolated from the Internet, but far too dangerous otherwise. On Mon, 24 Apr 2006 18:13:10 +0900 Dave M G <martin@example.com> wrote: > If I'm accessing the > /home/dave/web_sites directory from within the "dave" account, which > owns the directory, why was I denied access? Why did I have to grant > permissions to "others" in order to get access myself? It might depend how you tell Firefox to access it. Accessing /home/dave/web_sites as http://localhost/web_sites/ is done only indirectly by Firefox. Apache is doing the actual accessing as Godwin pointed out. Accessing /home/dave/web_sites as file:///home/dave/web_sites, is done directly by Firefox as you (dave). Try both ways.
- Follow-Ups:
- Re: [tlug] Not seeing linked directory in localhost
- From: Dave M G
- Re: [tlug] Not seeing linked directory in localhost
- References:
- Re: [tlug] Not seeing linked directory in localhost
- From: Jim
- Re: [tlug] Not seeing linked directory in localhost
- From: Godwin Stewart
- Re: [tlug] Not seeing linked directory in localhost
- From: Jim
- Re: [tlug] Not seeing linked directory in localhost
- From: David E
- Re: [tlug] Not seeing linked directory in localhost
- From: Dave M G
- Re: [tlug] Not seeing linked directory in localhost
- Prev by Date: Re: [tlug] Printer Not Responding
- Next by Date: Re: [tlug] Printer Not Responding
- Previous by thread: Re: [tlug] Not seeing linked directory in localhost
- Next by thread: Re: [tlug] Not seeing linked directory in localhost
- Index(es):
| Home Page | Mailing List | Linux and Japan | TLUG Members | Links |