evergreen-admin:security:apache

Differences

This shows you the differences between two versions of the page.

evergreen-admin:security:apache [2006/01/08 06:12]
127.0.0.1 external edit
evergreen-admin:security:apache [2022/02/10 13:34] (current)
Line 6: Line 6:
  
 Good news: Even if a user gets access to this directory, there's nothing extremely damaging that can be done.  Almost everything in the bootstrapping script will have references to it, and therefore cannot be deleted.  However, a user can add new libraries, re-arrange consortia, and change user groups.  The worst thing (I can imagine at the moment) is a staff member could access the directory, and change his associated security group to administrative level privileges. Good news: Even if a user gets access to this directory, there's nothing extremely damaging that can be done.  Almost everything in the bootstrapping script will have references to it, and therefore cannot be deleted.  However, a user can add new libraries, re-arrange consortia, and change user groups.  The worst thing (I can imagine at the moment) is a staff member could access the directory, and change his associated security group to administrative level privileges.
 +
 +====== Hiding overdue notices from non-staff users ======
 +
 +If your overdue notices go to a publicly accessible webserver, putting this into ''eg_vhost.conf'' should require a staff login before viewing them.
 +
 +<code apache>
 +# ----------------------------------------------------------------------------------
 +# Overdue Notices
 +# ----------------------------------------------------------------------------------
 +<Location /notices/>
 +    SetHandler perl-script
 +    PerlSetVar OILSProxyTitle "Notices Login"
 +    PerlSetVar OILSProxyDescription "Please log in to view overdue notices"
 +    PerlSetVar OILSProxyPermissions "STAFF_LOGIN"
 +    PerlHandler OpenILS::WWW::Proxy
 +    Options +ExecCGI +Indexes
 +    PerlSendHeader On
 +    allow from all
 +</Location>
 +</code>
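
Review bot: `<Location /notices/>` matches the request URL rather than the files on disk, so the login requirement set up here only covers requests that arrive under `/notices/`; the text should state that the notices directory must not also be reachable through another alias, symlink or document-root path, or the proxy check is skipped. On `Options +ExecCGI +Indexes`, `+Indexes` gives every account that passes the `STAFF_LOGIN` check a listing of all notice files, and `+ExecCGI` permits CGI execution in a directory that, from the description, holds only generated notices; say whether the listing is intended and drop `+ExecCGI` if nothing there needs it. `allow from all` is Apache 2.2 access syntax and on 2.4 depends on mod_access_compat, so name the Apache version this targets or give the `Require all granted` form next to it. Since the sentence above the block only says the snippet "should" require a login, a one-line check (request a notice URL without a session and confirm the login page is returned instead of the file) would make the section verifiable.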
evergreen-admin/security/apache.1136718737.txt.gz · Last modified: 2022/02/10 13:33 (external edit)

© 2008-2022 GPLS and others. Evergreen is open source software, freely licensed under GNU GPLv2 or later.
The Evergreen Project is a U.S. 501(c)3 non-profit organization.