Date: Sun, 14 Aug 2005 08:38:59 +0200 From: Stijn Hoop <stijn@win.tue.nl> To: =?iso-8859-1?Q?Jo=E3o_Carlos_Mendes_Lu=EDs?= <jonny@jonny.eng.br> Cc: hackers@freebsd.org Subject: Re: File create permissions, what am I missing? Message-ID: <20050814063859.GN26471@pcwin002.win.tue.nl> In-Reply-To: <42FEDE50.8050107@jonny.eng.br> References: <42FD15EA.8050500@jonny.eng.br> <20050812233728.GA22225@odin.ac.hmc.edu> <42FE1781.9050403@jonny.eng.br> <nospam-1123974717.18305@gecko.gbch.net> <42FEDE50.8050107@jonny.eng.br>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Sun, Aug 14, 2005 at 03:01:52AM -0300, João Carlos Mendes Luís wrote: > I could not find any vulnerability, but I do not like the idea that a > user could create files belonging to a group himself does not belong. It can come in handy sometimes. I have apache setup in a specific group. The document root on which it operates is owned by a user that owns that website. The group owner of that directory is set to the apache group, and luckily the user does not need to be in that group. This way a user can control availability of files on the web by simply denying group access, without needing to belong to yet another group just for the sake of being able to do just that. --Stijn -- "I'm not under the alkafluence of inkahol that some thinkle peep I am. It's just the drunker I sit here the longer I get." [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC/ucDY3r/tLQmfWcRApUcAJ4nLXDDbO52aCIIRVcIR0gSH16PLQCfVUXX ki9vNKRZTNQ32t/qTWbixpU= =Kx3/ -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050814063859.GN26471>