Apache permissions problem

[screw3d]

I just compiled and installed Apache 1.3.37 on one of my school's shared Solaris servers so I don't have root access.

The weird thing is.. my DocumentRoot (~myusername/www) is accessible from http://servername/ even when the permission is set to 700, and same goes for all the files inside. I'm sure this is not a httpd.conf thing.. what have I done wrong?

 

[skyking]

so you can access your files using http://servername/~username?

 

[screw3d]

Originally posted by: skyking
so you can access your files using http://servername/~username?

It's actually http://servername:myportnumber/ since there's going to be multiple people running different apache instances on the same server. It's for a class 🙂

 

[nweaver]

apache is probably running as your user, and therefore has 7 (Read, write, execute) permissions on that directory. If its running as another user, then it wouldn't.

 

[n0cmonkey]

Change the 7, don't give it write permission unless you absolutely have to...

 

[screw3d]

Originally posted by: nweaver
apache is probably running as your user, and therefore has 7 (Read, write, execute) permissions on that directory. If its running as another user, then it wouldn't.

I guess that's the 'problem'. I can't really go around that right?

Originally posted by: n0cmonkey
Change the 7, don't give it write permission unless you absolutely have to...

Will do. It's just that I'm used to setting 744/755 on productions web servers so this kinda freaked me out 🙂

Thanks for the comments!

 

[nweaver]

since you cannot run as an alternate user (like most apache installs) then you will have to get creative with permissions, and be very careful to ensure that your config is secure, to prevent problems such as viewing the root directory (blank index.html page would probably fix that)