Alaya is a primitive chrooting Web server with basic WebDAV support. It can serve HTTPS and HTTP, and can authenticate using PAM, /etc/shadow, /etc/passwd, or using its own authentication files that allow for 'native' users that only have access to alaya content. It's intended to be a simple method of sharing content over WebDAV, and though it can be configured with a config file, it's easy to configure by command-line switches alone. Alaya always chroots to ensure that malicious users can't use '..' within a URL to access unintended documents, and that users can't accidentally leave documents in places outside of the chroot. It has a 'ChHome' mode that chroots users into their home directory and serves content from there. It supports .cgi scripts out of a trusted path (so not from within the chrooted WebDAV share) and read-only shared directories that are outside of the chroot (allowing access to shared content when in ChHome mode).
|Tags||WebDAV Webserver https HTTP Servers|
Release Notes: This release fixes many bugs, improves the CGI interface, adds Proxy VPaths and makes Proxy support work again, and adds Digest Authentication.
Release Notes: Adds anti-XSS (cross-site-scripting) features. Adds a logout method for HTTP authentication. The usual bugfixes and changes. Authentication is now only 'native' by default; other authentication types (PAM, shadow, passwd) have to be explicitly enabled in the configuration.
Release Notes: Many minor bugfixes. Adds a 'Referrer' CGI variable.
Release Notes: An authentication segfault has been fixed. Support has been added for 'chained' certificate bundles. A hashfile has been added to check the integrity of .cgi scripts. An 'AuthDelay' option has been added to prevent brute-force password guessing.
Release Notes: This release adds many bugfixes. Webdav 'Copy' now works.