From the installation docs, I checked my installation and
found /doc/sql to be wide open from the web, but for /admin ACS
required a log in. The permissions on both directories are
user:group of nsadmin:nsadmin. I want to lock down doc/sql but think
that if I change the permissions AOL won't have access to it.
How
does one allow the system access to such things yet also keep it from
serving it up to the world? Thanks! Rick
"Now, you need to protect the proper administration
directories of the ACS. You decide the policy. Here are the
directories to consider protecting: -
/doc (or at least /doc/sql/ since some AOLserver configurations will
allow a user to execute SQL files)
-
/admin
-
any private admin dirs for a module you might have written that are
not underneath the /admin directory "