Date: Sun, 14 Aug 2005 08:38:59 +0200 From: Stijn Hoop <stijn@win.tue.nl> To: =?iso-8859-1?Q?Jo=E3o_Carlos_Mendes_Lu=EDs?= <jonny@jonny.eng.br> Cc: hackers@freebsd.org Subject: Re: File create permissions, what am I missing? Message-ID: <20050814063859.GN26471@pcwin002.win.tue.nl> In-Reply-To: <42FEDE50.8050107@jonny.eng.br> References: <42FD15EA.8050500@jonny.eng.br> <20050812233728.GA22225@odin.ac.hmc.edu> <42FE1781.9050403@jonny.eng.br> <nospam-1123974717.18305@gecko.gbch.net> <42FEDE50.8050107@jonny.eng.br>
next in thread | previous in thread | raw e-mail | index | archive | help
--Q0rSlbzrZN6k9QnT Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Aug 14, 2005 at 03:01:52AM -0300, Jo=E3o Carlos Mendes Lu=EDs wrote: > I could not find any vulnerability, but I do not like the idea that a > user could create files belonging to a group himself does not belong. It can come in handy sometimes. I have apache setup in a specific group. The document root on which it operates is owned by a user that owns that website. The group owner of that directory is set to the apache group, and luckily the user does not need to be in that group. This way a user can control availability of files on the web by simply denying group access, without needing to belong to yet another group just for the sake of being able to do just that. --Stijn --=20 "I'm not under the alkafluence of inkahol that some thinkle peep I am. It's just the drunker I sit here the longer I get." --Q0rSlbzrZN6k9QnT Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC/ucDY3r/tLQmfWcRApUcAJ4nLXDDbO52aCIIRVcIR0gSH16PLQCfVUXX ki9vNKRZTNQ32t/qTWbixpU= =Kx3/ -----END PGP SIGNATURE----- --Q0rSlbzrZN6k9QnT--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20050814063859.GN26471>