On Mon, 20 May 2002, Jesse Pollard wrote:
> > > No. You loose the fact that the file was NOT created by the user.
> >
> > the user in my example above would be wwwrun or httpd - and that does not
> > make any sense at all! It would make much more sense if the new files
> > belonged to the owner of the directory, who is the one who owns the
> > virtual host.
>
> You can't tell who the user is. ANY user would be able to do that.
Bzzzt. Only if the permissions permitted it.
Example 1:
/home/bob/public_html
public_html is user/group bob/httpd
the perms are 2770
============================
Example 2:
All users on the system have a primary or secondary group "users"
/home/bob user/group bob/users
perms are 701
This explictly denies "users", yet allows Apache in (since it is running
as httpd).
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu May 23 2002 - 22:00:21 EST