[ale] Multi-user web server permissions

Robert Reese~ ale at sixit.com
Fri May 1 10:59:02 EDT 2009


> However, the larger problem arises when accessing files through
> Apache.  Since the web server has to be able to read files from any
> directory (ie: that is the whole point), it is not difficult for
> one user to create a PHP or CGI script that can read anybody else's
> files when accessed through the web server.   There are some
> attempts at controlling this, but none that I really like (ie:
> suexec and running PHP in CGI mode).
>
>
> I'd be interested if anybody has some more elegant solutions to the
> latter problem.

This should be able to be controlled with .htaccess for access via http; the 
user will need to authenticate, of course.  FTP has its own set of permissions, 
controlled by the file and directory permissions, owner, and group just like 
SSH, IIRC.  OTOH, I'm still not a *nix expert so if I'm wrong, anyone please 
correct me.

Cheers,
R~



More information about the Ale mailing list