Apache configuration

Dagmar d'Surreal dagmar.wants at nospam.com
Wed Jul 23 14:13:32 PDT 2003


On Wed, 2003-07-23 at 09:22, Alexander E. Patrakov wrote:

> 2) They are supposed to tell me if any of their materials is not a draft, so 
> that I can put a link to thet material. Copying the material into our 
> DocumentRoot is not acceptable because the owner changes and other users can 
> see a mysql password embedded in scripts. And my boss does not like to put 
> links to /~anything on the pages reachable from http://my.site/. I thought 
> that mod_rewrite is the solution.

Beat users who are writing scripts and encoding passwords directly into
them.  Two beatings for those who left these scripts readable by the
entire planet.

> RewriteRule /xray/labs/(.*) /~someone/for_study/$1 [PT,L]
> 
> 3) I want to go to http://my.site/xray/labs/ and see the listing of the remote 
> directory. I want the string "Index of /xray/labs", not "index of 
> /~someone/for_study" to appear at the top. And I surely don't want the link 
> to /~someone/ to appear as the "parent directory". /xray/ will do.
> 
> 4) Some scripts that reference themselves also put links to /~smth instead of 
> the location mentioned in request (mostly solved, we just have to tell people 
> about SCRIPT_URL and SCRIPT_URI).

Yes, tell them about it.  Tell them _not_ using those variables makes
their scripts non-portable and will be considered bugs...  Bugs that
will be remembered the next time an employee evaluation comes around.

> It has been mentioned that mod_rewrite is the wrong solution here. What's 
> right?

Changing the way you work.  You have outlined an undoable set of
conditions.

Unless you're ignoring some of the many places on the web where the
Apache team say that the webserver should run as it's own userid and
groupid, no one but the webserver and the system administrator should be
able to read these scripts directly once they're in the DocumentRoot and
have their permissions set.  Hint hint.  Web pages do not need to be
mode 444.
-- 
The email address above is just as phony as it looks, and for obvious reasons.
Instant messaging contact nfo: AIM: evilDagmar  Jabber: evilDagmar at jabber.org

-- 
Unsubscribe: send email to listar at linuxfromscratch.org
and put 'unsubscribe blfs-support' in the subject header of the message



More information about the blfs-support mailing list