next up previous contents
Next: Where to configure Up: The Access Configuration Previous: Restricting Users

More detailed access control

Two other configuration settings can also be specified on a per directory basis: `` Options'' and `` AllowOverride''.

<Directory /www/htdocs/people/secure>
Options Indexes ExecCGI
AllowOverride Limit AuthConfig
<Limit GET>
allow from all

Options can specify `` None'', `` All'', or a combination of `` Indexes'', `` Includes'', `` IncludesNoExec'', `` FollowSymLinks'', `` SymLinksIfOwnerMatch'' and `` ExecCGI''. The meanings of these are:

specifies that if no default index is available for the directory, the server should list the files in the directory. If the directory contains work in progress or files you don't want the user to see until the appropriate time, either add an index file, or don't specify Indexes

specifies that server side include files are enabled in this directory. Server Side Includes are a method by which the NCSA server parses the HTML document being returned and then includes information from other files, or executes commands to produce data to be included in the document to be returned. Although this is a powerful feature, it can be a security risk in untrusted directories. It is not described in detail here.

allows server side includes, but disables the exec feature. This allows other documents to be included by the server into the document to be returned, but doesn't allow arbitrary shell or CGI scripts to be run. This reduces the security risk of server side includes somewhat.

specifies that symbolic links in this directory can be followed. If this directory is one in which untrusted users can create files, then specifying FollowSymLinks is a security risk.
specifies that symbolic links in this directory can be followed if the target directory has the same owner as the link.
specifies that execution of CGI scripts is allowed in this directory.

`` AllowOverride'' can be set to `` None'', `` All'', or any combination of `` Options'', `` FileInfo'', `` AuthConfig'', and `` Limit''

It is advisable to keep access control functionality in one place - namely the `` access.conf'' file. However, if you want untrusted users to be able to write their own HTML files, you may also want them to be able to specify access control to their files. Allowing such users access to your `` access.conf'' file is extremely inadvisable, so you can let such users set up their own `` .htaccess'' files. However, allowing untrusted users to override your security setup from their own `` .htaccess'' file is also inadvisable, as, for instance, they could put in symbolic links to otherwise protected parts of the filestore, which could then be followed by the server. If possible, it is advisable to set AllowOverride to None.

specifies that the `` .htaccess'' file can override the Options as specified in `` access.conf''.
specifies that the .htaccess file can use the AddType and AddEncoding directives (as in `` srm.conf'') to add new MIME content types.
specifies that the .htaccess file can use the AuthName, AuthType, AuthUserFile and AuthGroupFile directives to set user password authorisation.
specifies that the `` .htaccess'' file can override who can access the directory.

If no AllowOverride directive is given for a directory or any of its parents, HTTPD assumes AllowOverride All.

Note that the access.conf file applies to a directory subtree, whereas .htaccess files need not override the whole subtree.

next up previous contents
Next: Where to configure Up: The Access Configuration Previous: Restricting Users

Jon Crowcroft
Wed May 10 11:46:29 BST 1995