Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

sqldatasource dal, wwwxxxenden, convert raid5 to raid 10 mdadm, apache force chunked, nrao wwwxxx, xxxxxdup, procmail change subject header, wwwXxx not20, Wwwxxx.doks sas, linux raid resync after reboot

Links

XODOX
Impressum

#1: mod_dav - practical use

Posted on 2010-10-08 15:35:00 by Hajo Locke

Hello List,

a question to mod_dav. Some providers offer mod_dav to edit files which are
also editable/writeable by ftp-user?
In most cases ftp-users/apacheuser are different to avoid security problems.
Whats the trick to make this possible without security risk?
could imagine a special user/group setup but all my solutions result in
securityproblems by to much readability.

Thanks,
Hajo


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Report this message

#2: Re: mod_dav - practical use

Posted on 2010-10-08 17:28:27 by i.galic

----- "Hajo Locke" <hajo.locke@gmx.de> wrote:

> Hello List,
>=20
> a question to mod_dav. Some providers offer mod_dav to edit files
> which are=20
> also editable/writeable by ftp-user?
> In most cases ftp-users/apacheuser are different to avoid security
> problems.=20
> Whats the trick to make this possible without security risk?

It's not so much a trick.. You reverse-proxy DAV (write) requests to a
back-end which is running on an unprivileged port, as an unprivileged
user, who has the permission to do writes on the FS.

> could imagine a special user/group setup but all my solutions result
> in=20
> securityproblems by to much readability.
>=20
> Thanks,
> Hajo=20
>=20

bye,
i

--=20
Igor GaliÃÂ

Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.org
URL: http://brainsware.org/

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Report this message