> Order deny,allow
> Deny from all
>in my access.conf Apache file. If i make a link (ln -s / public_dir) i
>still can access all the Unix partition. How can i prevent this? (the
>upper command should do it, but why doesn't it work?)
If ~user/public_html/foo is a link to /, access to
http://server/~user/foo/etc/motd is done as if the structure were under
~user/foo, not under /. This means that, for example, if ~user/foo
requires authentication, ~user/foo/etc/motd will also require
authentication. If it were treated the way you expect it to,
it would not require authentication unless / or /etc did.
The basic idea is that a symbolic link makes one directory
appear like it is under another. For better or worse, that is
the way Apache treats it.
The only way I can think of offhand to stop people from doing this
is to disable following symbolic links entirely ("Options
-FollowSymLinks", or just take out the FollowSymLinks from the
appropriate place) or partially (SymLinksIfOwnerMatch).