FollowSymLinks and SymLinksIfOwnerMatch

Discussion in 'General' started by masood_y, Apr 30, 2009.

  1. masood_y

    masood_y New Member

    I need to pervent users for make SymLinks to other directory.

    I have following setting in httpd.conf:
    Code:
    <Directory "/">
        Options ExecCGI FollowSymLinks Includes IncludesNOEXEC -Indexes -MultiViews SymLinksIfOwnerMatch
        AllowOverride All
    </Directory>
    I have following setting in litespeed (Server -> General -> Security)
    Code:
    File Access	
    
    Follow Symbolic Link	If Owner Match
    Check Symbolic Link	Yes
    Required Permission Mask	       000
    Restricted Permission Mask	000
    I have version 4.0.3 on my server too. But user can make SymLinks to other directory too.

    Please help me for stop it.

    Thank You very much.
  2. auser

    auser Super Moderator

    how about:
    Configuration-->Virtual Hosts-->select 1 host

    Basic->Security->Restrained:Yes
  3. masood_y

    masood_y New Member

    I dont have any "Virtual Hosts"
  4. mistwang

    mistwang LiteSpeed Staff

    There is no way to prevent a user running a perl script to create a symbolic link pointing to another user's file, unless you want to disable perl completely. However, does not like Apache, 4.0.3 enforces "SymLinksIfOwnerMatch", nobody can override it via .htaccess with "Options +FollowSymLinks" in order to view the content of the file.

    As long as the access to the file is blocked, nothing to worry about.

    Please stopping asking the same question again and again, it has been solved. You can post to webhostingtalk see if you can get a better answer there.

Share This Page