From owner-freebsd-questions@FreeBSD.ORG Thu Feb 12 14:07:46 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 63B80106566B for ; Thu, 12 Feb 2009 14:07:46 +0000 (UTC) (envelope-from uwe@laverenz.de) Received: from mo-p00-ob.rzone.de (mo-p00-ob.rzone.de [81.169.146.160]) by mx1.freebsd.org (Postfix) with ESMTP id A98738FC0C for ; Thu, 12 Feb 2009 14:07:45 +0000 (UTC) (envelope-from uwe@laverenz.de) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; t=1234447664; l=778; s=domk; d=laverenz.de; h=Sender:In-Reply-To:Content-Type:Mime-Version:References:Subject:Cc: To:From:Date:X-RZG-CLASS-ID:X-RZG-AUTH:DomainKey-Signature; bh=WZtX3ENy24yHB+wb2Pi/3rpGj9gK2nSXdqgYQX+1lfk=; b=l0vp4FJ1BF5CTFVNvfWb0F/JWdqqNhlyCOb54j1XFGl7BH1pRDD68hwDctrbA25ZC3c srl9eyz/tJT8v268ajCuVtGOHFzdeoa44oCWyLWECj77zWXneArHYl3NEV1v8wpvdS4as TLhfTRJaofSZyC34Ft/Bwy5sWpyVDnOVX4s= DomainKey-Signature: a=rsa-sha256; s=domk; d=laverenz.de; c=nofws; q=dns; h=X-RZG-AUTH:X-RZG-CLASS-ID:Date:From:To:Cc:Subject:References: Mime-Version:Content-Type:In-Reply-To:Sender; b=c5kqM945zlJR1nDZ7EBr2DKEzQ9f31MaDndehHfmBYavKNwUFQVvjyV8G57ho+RBMCQ ng7dv3hTEPIu6QFM/m+HJb71AyveOGKKvE1xFhHF9xO+rtSX3g+u+bfjJ0WxBcDd7lIn2 Kyq7JDpeOCFlDqB/1wBDrvrJAPk/yg1Fm1w= X-RZG-AUTH: :LWgJfE6Id/4Sm/WkdV0gEbKL+/p/UjmosA/b4BPf1Ida/LA6f2WjvdsA X-RZG-CLASS-ID: mo00 Received: from athena.laverenz.de (77-22-194-90-dynip.superkabel.de [77.22.194.90]) by post.strato.de (klopstock mo63) (RZmta 18.18) with ESMTP id 203fcbl1CCmDpl ; Thu, 12 Feb 2009 15:07:44 +0100 (MET) Received: from localhost (localhost.localdomain [127.0.0.1]) by athena.laverenz.de (Postfix) with ESMTP id B6284127BDC; Thu, 12 Feb 2009 14:43:36 +0100 (CET) Received: from athena.laverenz.de ([127.0.0.1]) by localhost (athena [127.0.0.1]) (amavisd-new, port 10024) with LMTP id 07208-02; Thu, 12 Feb 2009 14:43:36 +0100 (CET) Received: by athena.laverenz.de (Postfix, from userid 2000) id 4EB27127BF1; Thu, 12 Feb 2009 14:43:36 +0100 (CET) Date: Thu, 12 Feb 2009 14:43:36 +0100 From: Uwe Laverenz To: Keith Palmer Message-ID: <20090212134336.GA3324@laverenz.de> Mail-Followup-To: Keith Palmer , freebsd-questions@freebsd.org References: <53134.12.68.55.226.1234369337.squirrel@www.academickeys.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <53134.12.68.55.226.1234369337.squirrel@www.academickeys.com> Organization: private site Sender: uwe@laverenz.de User-Agent: Mutt/1.5.9i X-Virus-Scanned: by amavisd-new-20030616-p10 (Debian) at laverenz.de Cc: freebsd-questions@freebsd.org Subject: Re: Restricting users to their own home directories / not letting users view other users files...? X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 12 Feb 2009 14:07:47 -0000 On Wed, Feb 11, 2009 at 11:22:17AM -0500, Keith Palmer wrote: > I realize I can fix this by setting the permissions on the "/home/shannon" > directory to 700. *However* then Apache (running as user "www") won't > display the documents in "/home/shannon/public_html" from > "http://ip-address/~shannon/", instead returning a "403 Forbidden" error. I did not see a correct answer to your question so far, so here you are: - set the permissions to the users homedir to 0700 - run "chmod o+x" on the homedir this sets the permissions to "drwx-----x" which is exactly what you want: others can switch to this directory but _not_ read its contents - change the permissions to "public_html" to whatever you need for apache (0755 probably) done. cu, Uwe