From wjs Wed Nov 15 15:33:11 2000
Date: Mon, 13 Nov 2000 14:58:06 -0500 (EST)
From: Joe Shamblin
To: faculty
Subject: Web server and symbolic links


We are trying to clean up some security and privacy issues on the web
server. In our effort to do this we have set the web server so that
the web server will only follow a symbolic link to a file or directory
that your own. For instance. If you have created a link from
~/public_html/link that points to /usr/project/courses/xxxx, it will
only work if you own the xxxx directory. If you do not own the
directory it will return a "Permission denied" to the web surfer. In
order to avoid this, you can create a file named .htaccess in your
public_html directory that will redirect the browser to the correct
web location. The syntax should be as follows:    

Redirect /~user/link   http://www.cs.duke.edu/courses/fall00/cpsxxx
Redirect /~user/link.html http://www.cs.duke.edu/courses/fall00/cpsxxx/file.html

In the future, please use this method instead of symbolic links to
avoid any problems. If you have any problems with this please notify
us at problem, we will be glad to assist you.

Thanks,

Labstaff