On 11/29/05 4:13 PM, "Nick Kew" <nick@xxxxxxxxxxxx> wrote: > On Tuesday 29 November 2005 21:35, Sage Weaver wrote: > >> I have found that in every instance, Apache ignores the setgid bit. > > Apache has no privilege to do anything else. That's elementary > security imposed by the operating system. I don't understand. By the operating system's rules (or at least the file system's), the file that is created should be owned by www-data and grouped to the same group as the directory. If I "sudo -u www-data touch test.file" that's what happens. Why does the apache process itself operate under different rules? More importantly, is there any way to change this, or any particularly heinous reason why it shouldn't be changed? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|