dagmar.wants at nospam.com
Wed Jul 23 14:13:32 PDT 2003
On Wed, 2003-07-23 at 09:22, Alexander E. Patrakov wrote:
> 2) They are supposed to tell me if any of their materials is not a draft, so
> that I can put a link to thet material. Copying the material into our
> DocumentRoot is not acceptable because the owner changes and other users can
> see a mysql password embedded in scripts. And my boss does not like to put
> links to /~anything on the pages reachable from http://my.site/. I thought
> that mod_rewrite is the solution.
Beat users who are writing scripts and encoding passwords directly into
them. Two beatings for those who left these scripts readable by the
> RewriteRule /xray/labs/(.*) /~someone/for_study/$1 [PT,L]
> 3) I want to go to http://my.site/xray/labs/ and see the listing of the remote
> directory. I want the string "Index of /xray/labs", not "index of
> /~someone/for_study" to appear at the top. And I surely don't want the link
> to /~someone/ to appear as the "parent directory". /xray/ will do.
> 4) Some scripts that reference themselves also put links to /~smth instead of
> the location mentioned in request (mostly solved, we just have to tell people
> about SCRIPT_URL and SCRIPT_URI).
Yes, tell them about it. Tell them _not_ using those variables makes
their scripts non-portable and will be considered bugs... Bugs that
will be remembered the next time an employee evaluation comes around.
> It has been mentioned that mod_rewrite is the wrong solution here. What's
Changing the way you work. You have outlined an undoable set of
Unless you're ignoring some of the many places on the web where the
Apache team say that the webserver should run as it's own userid and
groupid, no one but the webserver and the system administrator should be
able to read these scripts directly once they're in the DocumentRoot and
have their permissions set. Hint hint. Web pages do not need to be
The email address above is just as phony as it looks, and for obvious reasons.
Instant messaging contact nfo: AIM: evilDagmar Jabber: evilDagmar at jabber.org
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message
More information about the blfs-support