Re: disabling file:///home/user viewing in apache on fc3

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 8/10/05, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
> Ankush Grover wrote:
> > On 8/10/05, Paul Howarth <paul@xxxxxxxxxxxx> wrote:
> >
> >>Ankush Grover wrote:
> >>
> >>>hey friends,
> >>>
> >>> Can anyone tell me how to disabling viewing any user's home directory
> >>>contents or any directory contents from the browser.
> >>>
> >>>If I do file:///home/user on the browser and then I  can see the
> >>>contents of that user's home directory ,even any user can see the root
> >>>or any other user's directory.I want to avoid this ,how can i disable
> >>>this on my computer. I am using FC3.
> >
> >
> > But it is a secruity breach.I can't read the files normally as the
> > chmod is 770 on users /home/user but through browser I can read the
> > files.
> 
> You can read the files in a browser as a regular user that you can't
> read just using "ls" in a terminal? If that's true then it is indeed a
> security issue.
ibe: http://www.redhat.com/mailman/listinfo/fedora-list


the permissions on user's home directory r normally 700 or 770 .But i
was able to view the contents of the home directories of any user
including root user home directory from the browser.I tried this with
about 5 users and those users don't have any root privileges they r
just normal users but they were able to read the contents of root and
other user's home directory and that indeed is a security breach.

Thanks for your advice

Thanks & Regards

Ankush Grover


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux