moddiffprivs-announce — Announce about new version of mod_diffprivs

[Lukasz W. <lw...@eu...>]

Today I upload a new release of mod_diffprivs. Since now it works with
userdir, for example You can use:
Privs AsFileOwnerSecure AsFileOwnerPrimaryGroup

then before serving file (i.e.) server/~lw/index.html then server
will change uid/gid for user/group lw (with path checking -"As...Secure").
This will work only when You specified another (new) directive
"PrivsUserDir".(I didnt mention about it in README, I'll do this soon).
This directive gets one argument, which is userdir where www files are
stored (the same as("UserDir"). For example, set 
Privs AsFileOwnerSecure AsFileOwnerPrimaryGroup
PrivsUserDir public_html

when server receives request /~lw/index.html and lw's home dir is
/home/users/lw, then will change uid/gid to owner's file
/home/users/lw/public_html/index.html (with secure path checking).

If You don't use PrivsUserDir directive then will NOT work requests for
userdirs. This is for security, for example You have real_server 
(and real_users) and virtual_server. When comming request 
GET /~realuser/index.txt HTTP/1.0
Host: virtual_server

then (with previos version mod_diffprivs) request succeed and apache
change uid/gid for virtual_server, but will serving file 
/home/to/real_user/user_dir/index.txt. If it's (hard|sym*)link then user
can view file (source) pointing by index.txt

Well... that's all. I hope it will work, it work in my servers.
Soon I'll reedit README file, mention about PrivsUserDir and make it
iterative. Best regards and have a nice weekend,
Lukasz

* - only if no: Option SymlinkIfOwnerMatch (should be used any way)
as always: sorry for my poor english :/

-- 
"... az w jedna krotka chwile, pojmiesz po co zyjesz ..."
		Perfect "Kolysanka dla nieznajomej"
			Lukasz Wojtow <lw...@ws...>