What is "negative group permissions"? (Re: narawntapu security run output)
Barney Wolff
barney at databus.com
Sun Dec 23 16:32:56 UTC 2012
The r for other means that you have not accomplished your goal. It makes
no sense to have group with less permission that other, so the script is
warning of a misconfiguration.
On Sun, Dec 23, 2012 at 10:51:24AM -0500, Mikhail T. wrote:
> On 23.12.2012 03:05, Charlie Root wrote:
> > Checking negative group permissions:
> > 8903027 -rw--w-r-- 1 mi www 794277 Oct 23 07:47:45 2007 /home/mi/public_html/syb/order/download.log
> Hello!
>
> The above started to appear in the daily security run output after I
> upgraded to 9.1. I don't understand, what this check is doing or why the
> above file is reported -- what's abnormal (warning-worthy) about
> allowing the web-server to write to, but not read a file? I did it on
> purpose to keep all files associated with a project together, but
> without inadvertently serving some of them...
More information about the freebsd-stable
mailing list