[MacPorts] #68532: Since Monterey there is additional security for UserDir enabled by default and it's not documented (was: Since Monterrey there is additional security for UserDir enabled by default and it's not documented)

MacPorts noreply at macports.org
Mon Oct 23 00:48:15 UTC 2023 

#68532: Since Monterey there is additional security for UserDir enabled by default
and it's not documented
--------------------------+--------------------
  Reporter:  Behinder     |      Owner:  (none)
      Type:  enhancement  |     Status:  new
  Priority:  Normal       |  Milestone:
 Component:  wiki         |    Version:  2.8.1
Resolution:               |   Keywords:
      Port:  apache2      |
--------------------------+--------------------
Changes (by ryandesign):

 * keywords:  apache, web server =>
 * type:  request => enhancement
 * component:  ports => wiki


Old description:

> I spent week trying to figure it out as this is not documented on
> https://trac.macports.org/wiki/Apache2.4.x
> Example file https-userdir.conf will not work because for God only knows
> reason Apple disabled access to user home directory for other
> directories.
> Therefore to make things work you should do in terminal
>
> {{{
> chmod +a "_www allow execute" ~
> }}}
>
> I don't know what this command is equivalent for - probably it is
> shorthand for adding user home directory to the group _www and then
> adding +x (for user? group? others?) just for this user, instead of doing
> chmod o+x ~ which would be risky.
>
> Anyway this should be documented somewhere on each system >=Monterrey.
> Apple is really annoying I wish I could go back to Mojave.

New description:

 I spent week trying to figure it out as this is not documented on
 wiki:Apache2.4.x
 Example file https-userdir.conf will not work because for God only knows
 reason Apple disabled access to user home directory for other directories.
 Therefore to make things work you should do in terminal

 {{{
 chmod +a "_www allow execute" ~
 }}}

 I don't know what this command is equivalent for - probably it is
 shorthand for adding user home directory to the group _www and then adding
 +x (for user? group? others?) just for this user, instead of doing chmod
 o+x ~ which would be risky.

 Anyway this should be documented somewhere on each system >=Monterey.
 Apple is really annoying I wish I could go back to Mojave.

--

Comment:

 Anyone can edit the wiki.

-- 
Ticket URL: <https://trac.macports.org/ticket/68532#comment:1>
MacPorts <https://www.macports.org/>
Ports system for macOS

More information about the macports-tickets mailing list