From owner-freebsd-questions@FreeBSD.ORG Wed Apr 22 00:06:24 2009 Return-Path: Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id 7CB681065686 for ; Wed, 22 Apr 2009 00:06:24 +0000 (UTC) (envelope-from mister.olli@googlemail.com) Received: from mail-ew0-f171.google.com (mail-ew0-f171.google.com [209.85.219.171]) by mx1.freebsd.org (Postfix) with ESMTP id D57E68FC1E for ; Wed, 22 Apr 2009 00:06:23 +0000 (UTC) (envelope-from mister.olli@googlemail.com) Received: by ewy19 with SMTP id 19so2424997ewy.43 for ; Tue, 21 Apr 2009 17:06:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=gamma; h=domainkey-signature:received:received:subject:from:reply-to:to:cc :in-reply-to:references:content-type:date:message-id:mime-version :x-mailer:content-transfer-encoding; bh=AvtPxp6l5I3/o9GuzrODVZDZCkDS/IBrz98abNpSM40=; b=rXYvxCl8SgRSgxQxn6S1YryBQbxadOPR/kzwNipYnZTfb9BWEM7jileoeb7x9KsqI3 zbd1aoRns7Vs0sKynaO+S7phUQOX+CyoCW0z3vYQP4A8GUSH6v2OeMKqs0JE3rlDMqi7 cCTy3Jpto3g9AHu+68BYHZ3wE/o+G1mAnigqY= DomainKey-Signature: a=rsa-sha1; c=nofws; d=googlemail.com; s=gamma; h=subject:from:reply-to:to:cc:in-reply-to:references:content-type :date:message-id:mime-version:x-mailer:content-transfer-encoding; b=ce1owrlNJkgTCqhlR/14Ij6GC76R8rRz2szOrvpRwV/DC9c8f8UIkiUdpk+Dz5EmiJ QYXYeqEHDcyRB/WvV+/0KOMnQvg0meqtQLhLUpeDACNCx2ButnqC3BL/w3eZfXRzdfeE s7CGLxCNPnlTUzqMoyCOWI+eMkEvRvnJijW8g= Received: by 10.210.127.13 with SMTP id z13mr5576354ebc.91.1240358782798; Tue, 21 Apr 2009 17:06:22 -0700 (PDT) Received: from ?10.10.0.1? (port-83-236-145-122.static.qsc.de [83.236.145.122]) by mx.google.com with ESMTPS id 10sm3904900eyd.52.2009.04.21.17.06.21 (version=SSLv3 cipher=RC4-MD5); Tue, 21 Apr 2009 17:06:22 -0700 (PDT) From: Mister Olli To: Mel Flynn In-Reply-To: <200904211702.41953.mel.flynn+fbsd.questions@mailing.thruhere.net> References: <1F1D939A-3787-4C5A-995B-93EDABF0BE5A@identry.com> <200904211436.02409.mel.flynn+fbsd.questions@mailing.thruhere.net> <1240319627.11199.25.camel@phoenix.blechhirn.net> <200904211702.41953.mel.flynn+fbsd.questions@mailing.thruhere.net> Content-Type: text/plain Date: Wed, 22 Apr 2009 02:06:22 +0200 Message-Id: <1240358782.20711.7.camel@phoenix.blechhirn.net> Mime-Version: 1.0 X-Mailer: Evolution 2.24.5 Content-Transfer-Encoding: 7bit Cc: John Almberg , freebsd-questions@freebsd.org Subject: Re: Sorting out owner and group permissions... X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: mister.olli@googlemail.com List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 22 Apr 2009 00:06:24 -0000 Hi, I understand your point. But since a application can modify it to a arbritary value there must be some way to keep the app from doing nasty stuff. FreeBSD has MAC implementations ;-))) Regards, --- Mr. Olli On Di, 2009-04-21 at 17:02 +0200, Mel Flynn wrote: > On Tuesday 21 April 2009 15:13:47 Mister Olli wrote: > > > no does not work, since using SSH / SFTP does not involve starting a > > shell. so umask settings don't work. > > Then you're using the wrong system for the task. The OS can't make assumptions > about "what the ownership/modes of a file should really be, if an application > is telling it they should be different". > This is why more mature FTP daemons allow modes/ownerships to be set on > upload. > > The OS already: > - gives a new file group of the containing directory so it is easy to create > "shared files" in a "shared directory" > - has a default umask that is world readable > - allows changing a users umask > > The application (sftp) overrides all this and now you're expecting the OS to > override that again. Don't think so ;)