Date: Sun, 23 Dec 2012 11:23:32 -0500 From: Barney Wolff <barney@databus.com> To: "Mikhail T." <mi+thun@aldan.algebra.com> Cc: stable@freebsd.org Subject: Re: What is "negative group permissions"? (Re: narawntapu security run output) Message-ID: <20121223162332.GA38788@pit.databus.com> In-Reply-To: <50D7287C.7020802@aldan.algebra.com> References: <201212230805.qBN850Pj083122@narawntapu.narawntapu> <50D7287C.7020802@aldan.algebra.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The r for other means that you have not accomplished your goal. It makes no sense to have group with less permission that other, so the script is warning of a misconfiguration. On Sun, Dec 23, 2012 at 10:51:24AM -0500, Mikhail T. wrote: > On 23.12.2012 03:05, Charlie Root wrote: > > Checking negative group permissions: > > 8903027 -rw--w-r-- 1 mi www 794277 Oct 23 07:47:45 2007 /home/mi/public_html/syb/order/download.log > Hello! > > The above started to appear in the daily security run output after I > upgraded to 9.1. I don't understand, what this check is doing or why the > above file is reported -- what's abnormal (warning-worthy) about > allowing the web-server to write to, but not read a file? I did it on > purpose to keep all files associated with a project together, but > without inadvertently serving some of them...
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20121223162332.GA38788>