On Fri, 9 Jan 1998, hostmaster wrote: > > Sorry for the false alarm. There are still some very strange things going > on with the default installation scripts' use of permissions and I intend > to review this more thoroughly over the weekend. > > Well the alarm is not totally false, frontpage IS bogus as HELL, but there is a way to circumvent the cretinous way this is set up. You can set up all of your frontpage users as group web and set the users' permissions as 715 , that is effect disallows other "web" users from accessing other individuals accounts, while retaining "nobody" as your main http daemon user. Then you can use apache's suexec wrapper to do the suing for the frontpage extensions provided that you have httpd.conf set up correctly i.e. with User and Group statements. We know that this is a far from perfect solution but at least it somwhat works on a production system. ____________________________________________ http://www.incredible.com E-mail:infoat_private Απίστευτα Δίκτυα Incredible Networks τηλ: (1) 92 12 312 tel +30 1 921 2312 fax: (1) 92 12 314 fax:+30 1 921 2314
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:38:38 PDT