Date: Wed, 22 Apr 2009 02:06:22 +0200 From: Mister Olli <mister.olli@googlemail.com> To: Mel Flynn <mel.flynn+fbsd.questions@mailing.thruhere.net> Cc: John Almberg <jalmberg@identry.com>, freebsd-questions@freebsd.org Subject: Re: Sorting out owner and group permissions... Message-ID: <1240358782.20711.7.camel@phoenix.blechhirn.net> In-Reply-To: <200904211702.41953.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> References: <1F1D939A-3787-4C5A-995B-93EDABF0BE5A@identry.com> <200904211436.02409.mel.flynn%2Bfbsd.questions@mailing.thruhere.net> <1240319627.11199.25.camel@phoenix.blechhirn.net> <200904211702.41953.mel.flynn%2Bfbsd.questions@mailing.thruhere.net>
next in thread | previous in thread | raw e-mail | index | archive | help
Hi, I understand your point. But since a application can modify it to a arbritary value there must be some way to keep the app from doing nasty stuff. FreeBSD has MAC implementations ;-))) Regards, --- Mr. Olli On Di, 2009-04-21 at 17:02 +0200, Mel Flynn wrote: > On Tuesday 21 April 2009 15:13:47 Mister Olli wrote: > > > no does not work, since using SSH / SFTP does not involve starting a > > shell. so umask settings don't work. > > Then you're using the wrong system for the task. The OS can't make assumptions > about "what the ownership/modes of a file should really be, if an application > is telling it they should be different". > This is why more mature FTP daemons allow modes/ownerships to be set on > upload. > > The OS already: > - gives a new file group of the containing directory so it is easy to create > "shared files" in a "shared directory" > - has a default umask that is world readable > - allows changing a users umask > > The application (sftp) overrides all this and now you're expecting the OS to > override that again. Don't think so ;)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1240358782.20711.7.camel>