Restricting users to their own home directories / not letting
users view other users files...?
Jonathan McKeown
jonathan+freebsd-questions at hst.org.za
Thu Feb 12 01:36:33 PST 2009
On Thursday 12 February 2009 03:07:42 Paul Schmehl wrote:
>
> Sorry if I wasn't clear.
>
> I wasn't suggesting that the *users* chgrp the files. Keith would do that
> as root. Then he sets the setgid bit to www (or whatever the web user is),
> and from that point going forward any files created by the user would be
> user:www instead of user:user. Set the umask to 027, and world has no
> readability.
>
> This is exactly how I used to handle some files on a webserver that I
> maintain that other people needed to be able to edit, add and delete files
> from. Once the sgid bit is set, the group membership of the files remains
> www no matter what user creates/touches a file.
Erm, isn't this only true for Linux and other SysV-type systems?
Unless I'm remembering wrong, in FreeBSD files are always created with group
ownership the same as the directory they're created in - so all you need to
do is change the group ownership of the directory (which has to be done by
root).
Jonathan
More information about the freebsd-questions
mailing list