Changeset 26512


Ignore:
Timestamp:
11/23/12 16:38:44 (8 years ago)
Author:
ak19
Message:

First step to improving the security issues in GS2 and GS3: now GS2's httpd.conf is set up to deny access to .gdb files, since users.gdb is to be made inaccessible. Tested that connecting to a remote (Win) GS3 server under a new user account still works (from a Linux GLI client).

Location:
main/trunk/greenstone2/runtime-src/packages/apache-httpd
Files:
2 edited

Legend:

Unmodified
Added
Removed
  • main/trunk/greenstone2/runtime-src/packages/apache-httpd/httpd.conf.in

    r24901 r26512  
    444444     Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
    445445  </Directory>
     446
     447# Deny access to users.gdb (and other gdb files)
     448# Tested with remote GS2 server on Windows against linux client
     449# If any issues, can try appending the line:
     450#   Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
     451  <FilesMatch "\.gdb">
     452     Order deny,allow
     453     Deny from all
     454  </FilesMatch>
  • main/trunk/greenstone2/runtime-src/packages/apache-httpd/windows-httpd.conf.in

    r24902 r26512  
    522522     Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
    523523  </Directory>
     524
     525# Deny access to users.gdb (and other gdb files)
     526# Tested with remote GS2 server on Windows against linux client
     527# If any issues, can try appending the line:
     528#   Allow from 127.0.0.1 **HOST_IP** **HOSTS** localhost
     529  <FilesMatch "\.gdb">
     530     Order deny,allow
     531     Deny from all
     532  </FilesMatch>
Note: See TracChangeset for help on using the changeset viewer.