Re: Secure Unix permissions for an Apache website developer

From: Stefan Monnier (monnier_at_iro.umontreal.ca)
Date: 04/20/04


Date: Mon, 19 Apr 2004 22:36:25 GMT


> The users need to use the newgrp command before they work in the
> development/DocumentRoot directory. If they forget to newgrp they might
> create files of the wrong group (fixable with chgrp), or they may not be
> able to create (based on the permissions of the dir).

I prefer to use the setgid bit on directories this way there's no newgrp
funny business.

        Stefan



Relevant Pages

  • Re: Secure Unix permissions for an Apache website developer
    ... > The users need to use the newgrp command before they work in the ... > development/DocumentRoot directory. ... If they forget to newgrp they might ... funny business. ...
    (comp.os.linux.setup)
  • Re: Secure Unix permissions for an Apache website developer
    ... > The users need to use the newgrp command before they work in the ... > development/DocumentRoot directory. ... If they forget to newgrp they might ... funny business. ...
    (comp.os.linux)
  • Re: The newgrp command
    ... When I as a user used newgrp to switch myself to a new ... > newgrp command is the one that needs the group passwd. ... group, by default, will be that user's primary group. ...
    (Fedora)
  • Re: Incompatible group permission - Is it a bug?
    ... or use the newgrp command. ... I had a look at the newgrp source code and it does what i expect it to do. ... This means that it is executed with root permission with any user. ...
    (Debian-User)