On Sun, 2023-04-23 at 15:29 -0700, Mike Wright wrote:
I don't understand how his logs are accessible to the web. They
are not
under the DocumentRoot. error.log is above it and access.log is next to
it. Is it somehow possible for a client to reach above / ?
Normally, they aren't. But Patrick's were inside it. It may have been
possible for them to be publicly seen.
Remember file contexts are created on the file path, by creating a file
in the doc root structure, they'd be given public serveable SELinux
contexts. And, after switching off SELinux, it was even more likely
they could be.
If so, let me know how. I like to package my VirtualHosts so
everything
is in one zippable, portable package. If my stuff is in the wind I'll
need to make some changes.
path/to/domain/DocRoot
path/to/domain/conf
path/to/domain/acc (link to /var/log/httpd/domain/access.log)
path/to/domain/err (link to /var/log/httpd/domain/error.log)
That'd work, too.
--
uname -rsvp
Linux 3.10.0-1160.88.1.el7.x86_64 #1 SMP Tue Mar 7 15:41:52 UTC 2023 x86_64
Boilerplate: All unexpected mail to my mailbox is automatically deleted.
I will only get to see the messages that are posted to the mailing list.