Another boring permission question!

**sirbijan** · 02-02-2005

Problem:
I wana make my public_html folder completely private to me, which means if I run FireFox and I enter localhost/~bijan (oopse, I forgot to say, I'm bijan!), I can see the contents of my public_html folder. But let's say if another user like babak does the same thing in his browser, he gets a Forbidden note, one of those nice error 403s.

My solution:
Well, I did this:

su root
chgrop www public_html -R
chmod 770 public_html -R

And now when I "ls -l", I see that everything is perfectly set, which means public_html and all its contents are 770, with bijan as the owner and www as the group owner.

Problem:
The above solution doesn't work! I "su babak" and tried to see "localhost/~bijan", and voila, I could perfectly see it! So, I'm asking you this question: Is that possible that I throw that 403 error for any user except me myself?

**dylunio** · 02-02-2005

I think this would be possible to set a password somehow to open the file if you are running it off a server (e.g. apache), but I'm not sure how to do this.

Or you could take root permissions away from anone you do not want seeing the page...

dylunio

**sirbijan** · 02-02-2005

Hey dylunio, thanks for the reply

Well, yeah, actually know how to do it with apache, it's just cuorisity you know?! I wanted to do it completely in Linux with no scripting. And I didn't get that part you said that I remove root permission for those whom I want not seeing the page, you mean I close down their accounts, or what?

**dylunio** · 02-02-2005

Originally Posted by sirbijan

And I didn't get that part you said that I remove root permission for those whom I want not seeing the page, you mean I close down their accounts, or what?

I was thinking if mr x and mr y had permissions as root (they bothe knew the root password), mr x could change the root password but not tell mr y, then mr y couldn't login as root anyware, because he don't know the password;

but if mr y was very clever he could ask on this forum and change the rootpass himself, without having to know the rootpass mr x has set. For mr x to stop this he would have to take 'boot in single user mode' from the boot prompt, and just make a bootable floppy which would let him do this;

hope this makes sense;

dylunio

**sirbijan** · 02-03-2005

but if mr y was very clever he could ask on this forum and change the rootpass himself, without having to know the rootpass mr x has set. For mr x to stop this he would have to take 'boot in single user mode' from the boot prompt, and just make a bootable floppy which would let him do this;

I wana be Mr. Y!! Would you please gimme the address of that thread that teaches these sort of stuff?!

**dylunio** · 02-03-2005

So you want the root control over the computer?

Firstly make a bootdisket for your distro/bootloader, there are plenty of tutotials on the web, have a look about.

secondly change the rootpassword look here

Now edit your lilo.conf or your grub.conf and place a # at the start of each line that is to boot with failsafe or single usermode.

Now you will be able to login as root, but other poeple will not, and you will have the only access to boot in single user mode,

Disclamer: I have never done this, so do it at your own risk

also remember to hide the install cds as well as your boot floppy;

hope this helps;

dylunio

Thread Tools

Display

Another boring permission question!

Posting Permissions