[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] MAJOR BUG, Browse any directory view any file

Subject: Re: [cobalt-users] MAJOR BUG, Browse any directory view any file
From: "Mike Palamar" <mike@xxxxxxxxxx>
Date: Thu May 29 07:01:51 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

 >cd /home
> chmod 711 sites
>
> Just run the above commands and you won't have that issue any more. This
> is now standard operating procedure on all Cobalts I maintain. If you
> let customers have shell access on your Cobalts, this is a MUST-HAVE!!

I do the following:
chmod 711 /home/sites
chmod 750 /home/sites/*
chown httpd /home/sites/*

The first command stops directory listings.
The 2nd command stops people from outside the group/owner from viewing the
files.
The third command allows the web server to read and execute scripts.

I also have a php.include file that sets the base directory(plus a few other
security directives) for each account. This is done on a RAQ3 with Apache
1.3.27.

Follow-Ups:
- RE: [cobalt-users] MAJOR BUG, Browse any directory view any file
  - From: mastermoe

References:
- RE: [cobalt-users] MAJOR BUG, Browse any directory view any file
  - From: Erica Douglass

Prev by Date: RE: [cobalt-users] CRON DAEMON ERROR MESSAGE
Next by Date: Re: [cobalt-users] Limiting POP3/IMAP access
Previous by thread: Re: [cobalt-users] MAJOR BUG, Browse any directory view any file
Next by thread: RE: [cobalt-users] MAJOR BUG, Browse any directory view any file

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index