Re: [users@httpd] Apache 2 ignores setgid directory perms

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Apache is a member of the staff group, yes, and that seems to have no
effect.  Moreover, the directory in which the file is being created is owned
by the www-data user.

Specifically, I have a "files" directory that is owned by www-data and
grouped to staff:

$ ls -ld files
drwxrwsr-x  2 www-data staff 4096 2005-11-28 13:38 files

But the uploaded file doesn't obey the setgid on the directory:

$ ls -l files/upload.test
-rw-r-----  1 www-data www-data       0 2005-11-28 13:36 files/upload.test

I really need to figure out why this is, and how to fix it.  Does anybody
have a clue?  Have I missed something in the documentation?



On 11/29/05 3:52 PM, "Olaf van der Spek" <olafvdspek@xxxxxxxxx> wrote:

> On 11/29/05, Sage Weaver <sage@xxxxxxxxxxx> wrote:
> I have a Debian 3.1
> server on which I am currently running Apache 2.0.54
> (packaged by Debian)
> and PHP 5.0.3 (compiled from source).
>
> I have used a couple of web
> applications (CMS software packages) that allow
> me to upload files to a
> specified directory.  That directory has setgid
> permissions on it, so that
> all files created inside it are grouped to staff,
> allowing anyone in that
> group to manipulate the files from the command line
> if need be.
>
> I have
> found that in every instance, Apache ignores the setgid bit.  All
> files
> created by the web server are owned by www-data (the default user for
> Apache
> on Debian), and grouped to www-data as well, despite the fact that
> the
> directory is grouped to staff.
>
> Is this behavior intentional?  Can it be
> changed?  If so, how?

Apache runs as www-data (IIRC). Is www-data member of
> group staff? If
not, user www-data can't create files owned by group staff.



---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
   "   from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
[Index of Archives]     [Open SSH Users]     [Linux ACPI]     [Linux Kernel]     [Linux Laptop]     [Kernel Newbies]     [Security]     [Netfilter]     [Bugtraq]     [Squid]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Samba]     [Video 4 Linux]     [Device Mapper]

  Powered by Linux