From owner-freebsd-isp Tue Nov 12 12:20: 4 2002 Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 26E7937B401 for ; Tue, 12 Nov 2002 12:20:03 -0800 (PST) Received: from users.munk.nu (213-152-51-194.dsl.eclipse.net.uk [213.152.51.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id B887343E3B for ; Tue, 12 Nov 2002 12:20:01 -0800 (PST) (envelope-from munk@users.munk.nu) Received: from users.munk.nu (localhost [127.0.0.1]) by users.munk.nu (8.12.6/8.12.6) with ESMTP id gACKJmxt028623 for ; Tue, 12 Nov 2002 20:19:48 GMT (envelope-from munk@users.munk.nu) Received: (from munk@localhost) by users.munk.nu (8.12.6/8.12.6/Submit) id gACKJlOF028622 for freebsd-isp@freebsd.org; Tue, 12 Nov 2002 20:19:47 GMT Date: Tue, 12 Nov 2002 20:19:47 +0000 From: Jez Hancock To: FreeBSD ISP List Subject: Re: per-user groups Message-ID: <20021112201947.GA28569@users.munk.nu> Mail-Followup-To: FreeBSD ISP List References: <20021105130922.A36056@cthulu.compt.com> <20021110214410.GA98103@users.munk.nu> <20021112085654.GA55722@blazingdot.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20021112085654.GA55722@blazingdot.com> User-Agent: Mutt/1.4i Sender: owner-freebsd-isp@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org On Tue, Nov 12, 2002 at 12:56:54AM -0800, Marcus Reid wrote: > Another way to do almost the same thing is to have the users home > directory perms set to rwxr-x--x. Apache can get to the users public_html > directory, and noone can get a directory listing of another persons home > directory. Users still have to make sure that files they don't want to > be world readable aren't world readable, but it's a solution that suits > my tastes a little better. This is how I had my system setup until a few days ago, the nice thing about it being if one user in a shell wants to let another user look at a file they can just say 'have a look at /home/myhome/file' and providing the perms on 'file' are right, the other user can still see the file even though they can't actually run a listing on the directory /home/myhome. Obviously though this runs the risk of letting user's guess the location of important files in a shell (which was why I moved away from this setup) - say by attempting to read commonly used names for config files, ie: 'cat /home/another/web/include/config.php' Regarding what you say about user's being able to use the fact the 'www' user is in all user groups to write malicious scripts to read / traverse directories outside their own home dir - I know you can setup PHP to stop this (using the open_basedir and safe_mode php.ini settings for example), but how do you do similar for cgis? Incidentally I'm having hassles getting that setup I suggested to work, it's totally baffling. I'm sticking with the method you mention Marcus for now ;) Regards, Jez To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-isp" in the body of the message