Date: Thu, 12 Feb 2009 11:36:29 +0200 From: Jonathan McKeown <jonathan+freebsd-questions@hst.org.za> To: freebsd-questions@freebsd.org Subject: Re: Restricting users to their own home directories / not letting users view other users files...? Message-ID: <200902121136.29330.jonathan%2Bfreebsd-questions@hst.org.za> In-Reply-To: <20090212010742.GA51989@slackbox.xs4all.nl> References: <53134.12.68.55.226.1234369337.squirrel@www.academickeys.com> <20090211202413.GA44294@slackbox.xs4all.nl> <20090212010742.GA51989@slackbox.xs4all.nl>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thursday 12 February 2009 03:07:42 Paul Schmehl wrote: > > Sorry if I wasn't clear. > > I wasn't suggesting that the *users* chgrp the files. Keith would do that > as root. Then he sets the setgid bit to www (or whatever the web user is), > and from that point going forward any files created by the user would be > user:www instead of user:user. Set the umask to 027, and world has no > readability. > > This is exactly how I used to handle some files on a webserver that I > maintain that other people needed to be able to edit, add and delete files > from. Once the sgid bit is set, the group membership of the files remains > www no matter what user creates/touches a file. Erm, isn't this only true for Linux and other SysV-type systems? Unless I'm remembering wrong, in FreeBSD files are always created with group ownership the same as the directory they're created in - so all you need to do is change the group ownership of the directory (which has to be done by root). Jonathan
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200902121136.29330.jonathan%2Bfreebsd-questions>