HP3000-L Archives

October 2002, Week 3

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: Apache/Unix security question
From:
Richard Barker <[log in to unmask]>
Reply To:
Richard Barker <[log in to unmask]>
Date:
Wed, 16 Oct 2002 07:59:52 +0200
Content-Type:
text/plain
Parts/Attachments:
text/plain (187 lines) 
Thanks for the help, but still the same problem.

If you will notice the file CRAP, has the correct security, identical to the
others, yet I can't access that either.  Basically any new files that I have
generated.  Obviously something must have changed, but according to Pos/ix
and MPE the files have no extra security, when compared to the others.

Also, if I copy one of the valid files in the MPE or Pos/ix, I am able to
access it.  If I copy one of the blocked files, again I am blocked, so there
must be some hidden security on the files, that I just can't see.



-----Original Message-----
From: Mark Bixby [mailto:[log in to unmask]]
Sent: 15 October 2002 22:40
To: Richard Barker
Cc: [log in to unmask]
Subject: Re: Apache/Unix security question


I'm guessing you need to have the $OWNER, $GROUP_MASK, and $GROUP ACD
entries
set up for these files.  Now *why* you are missing those entries for the 3
particular files I have no idea.

The easiest way to create those POSIX ACD entries is to use the POSIX chmod
command (aka /bin/chmod or /SYS/HPBIN/CHMOD), i.e.:

        chmod 777 SEP02.DOC

- Mark B.

Richard Barker wrote:

> [Mon Oct 14 06:46:16 2002] [error] [client 10.1.201.20]
> (48)Implementation-defined error: file permissions deny server access:
> /APACHE/PUB/htdocs/BILLING/81202166/2002/SEP02.DOC
>
>
>
> -----Original Message-----
> From: Mark Bixby [mailto:[log in to unmask]]
> Sent: 14 October 2002 22:59
> To: Richard Barker
> Cc: [log in to unmask]
> Subject: Re: Apache/Unix security question
>
>
> What does the Apache error_log file have to say?
>
> - Mark B.
>
> Richard Barker wrote:
>
>
>>Under Apache I have a number of DOC's that people can access, for some
>>reason I can access all of them, but one or two, that I have generated
>>recently.
>>
>>Under Pos/iX the security is all the same, but under MPE there is a slight
>>difference:
>>
>> ------------ACD ENTRIES-------------- FILENAME
>>
>> $OWNER             : R,W,X,RACD       APR01.DOC
>> $GROUP_MASK        : R,W,X,RACD
>> $GROUP             : R,W,X,RACD
>> @.@                : R,W,X,RACD
>> $OWNER             : R,W,X,RACD       AUG01.DOC
>> $GROUP_MASK        : R,W,X,RACD
>> $GROUP             : R,W,X,RACD
>> @.@                : R,W,X,RACD
>> $OWNER             : R,W,X,RACD       CRAP.DOC
>> $GROUP_MASK        : R,W,X,RACD
>> $GROUP             : R,W,X,RACD
>> @.@                : R,W,X,RACD
>> $OWNER             : R,W,X,RACD       MAY02.DOC
>> $GROUP_MASK        : R,W,X,RACD
>> $GROUP             : R,W,X,RACD
>> @.@                : R,W,X,RACD
>> @.@                : R,W,X,A,L,RACD   SEP02.DOC
>> @.@                : R,W,X,A,L,RACD   SEPXX.DOC
>>
>>
>>drwxrwxrwx   2 MGR.VIRGIN        APACHE      1280 Oct 14 15:00 .
>>drwxrwxrwx   3 MGR.VIRGIN        APACHE       416 Feb 20  2002 ..
>>-rwxrwxrwx   1 ACCT.VIRGIN       APACHE      7600 Apr 18 13:04 APR01.DOC
>>-rwxrwxrwx   1 MGR.VIRGIN        APACHE     11800 Sep 26 10:29 AUG01.DOC
>>-rwxrwxrwx   1 MGR.VIRGIN        APACHE     12200 Oct 14 14:02 CRAP.DOC
>>-rwxrwxrwx   1 MGR.VIRGIN        APACHE      7980 Feb 20  2002 FEB01.DOC
>>-rwxrwxrwx   1 ACCT.VIRGIN       APACHE      7980 Mar  4  2002 FEB02.DOC
>>-rwxrwxrwx   1 MGR.VIRGIN        APACHE     11800 Aug  6 12:29 JULY02.DOC
>>-rwxrwxrwx   1 ACCT.VIRGIN       APACHE      7790 Apr  4  2002 MAR02.DOC
>>-rwxrwxrwx   1 BILLING.VIRGIN    APACHE      8740 May 17 18:14 MAY01.DOC
>>-rwxrwxrwx   1 ACCT.VIRGIN       APACHE      7600 Jun  6 17:44 MAY02.DOC
>>-rwxrwxrwx   1 MGR.VIRGIN        APACHE     12200 Oct 14 14:51 SEP02.DOC
>>-rwxrwxrwx   1 MGR.VIRGIN        APACHE     12200 Oct 14 15:00 SEPXX.DOC
>>
>>
>>
>>
>>Now for some reason, via Apache, I can't access SEPXX, SEP02 and also
>>
> CRAP,
>
>>yet I can access all the others:
>>
>>Forbidden
>>You don't have permission to access /BILLING/81202166/2002/SEPXX.DOC on
>>
> this
>
>>server.
>>
>>
>>
>>
>
----------------------------------------------------------------------------
>
>>----
>>
>>Apache/1.3.14 Server at 10.1.3.200 Port 80
>>
>
> --
> [log in to unmask]
> Remainder of .sig suppressed to conserve expensive California electrons...
>
>
>
> ==================================
> This message contains confidential information and is intended solely for
> the use of the individual or entity to whom it is addressed. If you are
not
> the named addressee you should not disseminate, distribute or copy this
> email. Please inform the sender immediately if you have received this
e-mail
> by mistake and delete this email from your system. Email transmission
cannot
> be guaranteed to be secure or error-free as information could be
> intercepted, corrupted, lost, destroyed, arrive late or be incomplete. The
> sender therefore does not accept liability for any errors or omissions in
> the contents of this message, which arise as a result of email
transmission.
> If verification is required please request a hard copy version. No
contracts
> may be concluded on behalf of Virgin Express SA/NV by means of email
> communication. Finally, the recipient should check this e-mail and any
> attachments for the presence of viruses. The company accepts no liability
> for any damage caused by any virus transmitted by this email.
> ==================================
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
>
>


--
[log in to unmask]
Remainder of .sig suppressed to conserve expensive California electrons...



==================================
This message contains confidential information and is intended solely for
the use of the individual or entity to whom it is addressed. If you are not
the named addressee you should not disseminate, distribute or copy this
email. Please inform the sender immediately if you have received this e-mail
by mistake and delete this email from your system. Email transmission cannot
be guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, destroyed, arrive late or be incomplete. The
sender therefore does not accept liability for any errors or omissions in
the contents of this message, which arise as a result of email transmission.
If verification is required please request a hard copy version. No contracts
may be concluded on behalf of Virgin Express SA/NV by means of email
communication. Finally, the recipient should check this e-mail and any
attachments for the presence of viruses. The company accepts no liability
for any damage caused by any virus transmitted by this email.
==================================

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2