Thanks for the help, but still the same problem.
If you will notice the file CRAP, has the correct security, identical to the
others, yet I can't access that either. Basically any new files that I have
generated. Obviously something must have changed, but according to Pos/ix
and MPE the files have no extra security, when compared to the others.
Also, if I copy one of the valid files in the MPE or Pos/ix, I am able to
access it. If I copy one of the blocked files, again I am blocked, so there
must be some hidden security on the files, that I just can't see.
-----Original Message-----
From: Mark Bixby [mailto:[log in to unmask]]
Sent: 15 October 2002 22:40
To: Richard Barker
Cc: [log in to unmask]
Subject: Re: Apache/Unix security question
I'm guessing you need to have the $OWNER, $GROUP_MASK, and $GROUP ACD
entries
set up for these files. Now *why* you are missing those entries for the 3
particular files I have no idea.
The easiest way to create those POSIX ACD entries is to use the POSIX chmod
command (aka /bin/chmod or /SYS/HPBIN/CHMOD), i.e.:
chmod 777 SEP02.DOC
- Mark B.
Richard Barker wrote:
> [Mon Oct 14 06:46:16 2002] [error] [client 10.1.201.20]
> (48)Implementation-defined error: file permissions deny server access:
> /APACHE/PUB/htdocs/BILLING/81202166/2002/SEP02.DOC
>
>
>
> -----Original Message-----
> From: Mark Bixby [mailto:[log in to unmask]]
> Sent: 14 October 2002 22:59
> To: Richard Barker
> Cc: [log in to unmask]
> Subject: Re: Apache/Unix security question
>
>
> What does the Apache error_log file have to say?
>
> - Mark B.
>
> Richard Barker wrote:
>
>
>>Under Apache I have a number of DOC's that people can access, for some
>>reason I can access all of them, but one or two, that I have generated
>>recently.
>>
>>Under Pos/iX the security is all the same, but under MPE there is a slight
>>difference:
>>
>> ------------ACD ENTRIES-------------- FILENAME
>>
>> $OWNER : R,W,X,RACD APR01.DOC
>> $GROUP_MASK : R,W,X,RACD
>> $GROUP : R,W,X,RACD
>> @.@ : R,W,X,RACD
>> $OWNER : R,W,X,RACD AUG01.DOC
>> $GROUP_MASK : R,W,X,RACD
>> $GROUP : R,W,X,RACD
>> @.@ : R,W,X,RACD
>> $OWNER : R,W,X,RACD CRAP.DOC
>> $GROUP_MASK : R,W,X,RACD
>> $GROUP : R,W,X,RACD
>> @.@ : R,W,X,RACD
>> $OWNER : R,W,X,RACD MAY02.DOC
>> $GROUP_MASK : R,W,X,RACD
>> $GROUP : R,W,X,RACD
>> @.@ : R,W,X,RACD
>> @.@ : R,W,X,A,L,RACD SEP02.DOC
>> @.@ : R,W,X,A,L,RACD SEPXX.DOC
>>
>>
>>drwxrwxrwx 2 MGR.VIRGIN APACHE 1280 Oct 14 15:00 .
>>drwxrwxrwx 3 MGR.VIRGIN APACHE 416 Feb 20 2002 ..
>>-rwxrwxrwx 1 ACCT.VIRGIN APACHE 7600 Apr 18 13:04 APR01.DOC
>>-rwxrwxrwx 1 MGR.VIRGIN APACHE 11800 Sep 26 10:29 AUG01.DOC
>>-rwxrwxrwx 1 MGR.VIRGIN APACHE 12200 Oct 14 14:02 CRAP.DOC
>>-rwxrwxrwx 1 MGR.VIRGIN APACHE 7980 Feb 20 2002 FEB01.DOC
>>-rwxrwxrwx 1 ACCT.VIRGIN APACHE 7980 Mar 4 2002 FEB02.DOC
>>-rwxrwxrwx 1 MGR.VIRGIN APACHE 11800 Aug 6 12:29 JULY02.DOC
>>-rwxrwxrwx 1 ACCT.VIRGIN APACHE 7790 Apr 4 2002 MAR02.DOC
>>-rwxrwxrwx 1 BILLING.VIRGIN APACHE 8740 May 17 18:14 MAY01.DOC
>>-rwxrwxrwx 1 ACCT.VIRGIN APACHE 7600 Jun 6 17:44 MAY02.DOC
>>-rwxrwxrwx 1 MGR.VIRGIN APACHE 12200 Oct 14 14:51 SEP02.DOC
>>-rwxrwxrwx 1 MGR.VIRGIN APACHE 12200 Oct 14 15:00 SEPXX.DOC
>>
>>
>>
>>
>>Now for some reason, via Apache, I can't access SEPXX, SEP02 and also
>>
> CRAP,
>
>>yet I can access all the others:
>>
>>Forbidden
>>You don't have permission to access /BILLING/81202166/2002/SEPXX.DOC on
>>
> this
>
>>server.
>>
>>
>>
>>
>
----------------------------------------------------------------------------
>
>>----
>>
>>Apache/1.3.14 Server at 10.1.3.200 Port 80
>>
>
> --
> [log in to unmask]
> Remainder of .sig suppressed to conserve expensive California electrons...
>
>
>
> ==================================
> This message contains confidential information and is intended solely for
> the use of the individual or entity to whom it is addressed. If you are
not
> the named addressee you should not disseminate, distribute or copy this
> email. Please inform the sender immediately if you have received this
e-mail
> by mistake and delete this email from your system. Email transmission
cannot
> be guaranteed to be secure or error-free as information could be
> intercepted, corrupted, lost, destroyed, arrive late or be incomplete. The
> sender therefore does not accept liability for any errors or omissions in
> the contents of this message, which arise as a result of email
transmission.
> If verification is required please request a hard copy version. No
contracts
> may be concluded on behalf of Virgin Express SA/NV by means of email
> communication. Finally, the recipient should check this e-mail and any
> attachments for the presence of viruses. The company accepts no liability
> for any damage caused by any virus transmitted by this email.
> ==================================
>
> * To join/leave the list, search archives, change list settings, *
> * etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
>
>
>
--
[log in to unmask]
Remainder of .sig suppressed to conserve expensive California electrons...
==================================
This message contains confidential information and is intended solely for
the use of the individual or entity to whom it is addressed. If you are not
the named addressee you should not disseminate, distribute or copy this
email. Please inform the sender immediately if you have received this e-mail
by mistake and delete this email from your system. Email transmission cannot
be guaranteed to be secure or error-free as information could be
intercepted, corrupted, lost, destroyed, arrive late or be incomplete. The
sender therefore does not accept liability for any errors or omissions in
the contents of this message, which arise as a result of email transmission.
If verification is required please request a hard copy version. No contracts
may be concluded on behalf of Virgin Express SA/NV by means of email
communication. Finally, the recipient should check this e-mail and any
attachments for the presence of viruses. The company accepts no liability
for any damage caused by any virus transmitted by this email.
==================================
* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *
|