File create permissions, what am I missing?
Stijn Hoop
stijn at win.tue.nl
Sun Aug 14 06:39:01 GMT 2005
On Sun, Aug 14, 2005 at 03:01:52AM -0300, João Carlos Mendes Luís wrote:
> I could not find any vulnerability, but I do not like the idea that a
> user could create files belonging to a group himself does not belong.
It can come in handy sometimes. I have apache setup in a specific
group. The document root on which it operates is owned by a user that
owns that website. The group owner of that directory is set to the
apache group, and luckily the user does not need to be in that group.
This way a user can control availability of files on the web by simply
denying group access, without needing to belong to yet another group
just for the sake of being able to do just that.
--Stijn
--
"I'm not under the alkafluence of inkahol that some thinkle peep I am. It's
just the drunker I sit here the longer I get."
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20050814/846e279d/attachment.bin
More information about the freebsd-hackers
mailing list