Bookmarks

Yahoo Gmail Google Facebook Delicious Twitter Reddit Stumpleupon Myspace Digg

Search queries

How to unsubscrube from dategen spam, WWWXXXAPC, docmd.close 2585, WWWXXXDOCO, nu vot, dhcpd lease file "binding state", WWWXXXDOCO, how to setup procmail to process html2text, how to setup procmail html2text, WWWXXXAPC.

Links

XODOX
Impressum

#1: mod_dav - practical use

Posted on 2010-10-08 15:35:00 by Hajo Locke

Hello List,

a question to mod_dav. Some providers offer mod_dav to edit files which are
also editable/writeable by ftp-user?
In most cases ftp-users/apacheuser are different to avoid security problems.
Whats the trick to make this possible without security risk?
could imagine a special user/group setup but all my solutions result in
securityproblems by to much readability.

Thanks,
Hajo


------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Report this message

#2: Re: mod_dav - practical use

Posted on 2010-10-08 17:28:27 by i.galic

----- "Hajo Locke" <hajo.locke@gmx.de> wrote:

> Hello List,
>=20
> a question to mod_dav. Some providers offer mod_dav to edit files
> which are=20
> also editable/writeable by ftp-user?
> In most cases ftp-users/apacheuser are different to avoid security
> problems.=20
> Whats the trick to make this possible without security risk?

It's not so much a trick.. You reverse-proxy DAV (write) requests to a
back-end which is running on an unprivileged port, as an unprivileged
user, who has the permission to do writes on the FS.

> could imagine a special user/group setup but all my solutions result
> in=20
> securityproblems by to much readability.
>=20
> Thanks,
> Hajo=20
>=20

bye,
i

--=20
Igor Galić

Tel: +43 (0) 664 886 22 883
Mail: i.galic@brainsware.org
URL: http://brainsware.org/

------------------------------------------------------------ ---------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org

Report this message