Re: allowing users to write to a web content area

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Mon, 16 May 2011, Nicolas Thierry-Mieg wrote:

> This would give apache write access to the site contents, which is bad
> practice.
>
> It also won't solve the umask issue.
> Since the OP wants all members of webdev1 to have write access to site1,
> he needs the setgid bit active on site1/ . And he needs all files in
> site1/ to be 664 as he says.
> But with a umask 077 for all users, any new file created by a user will
> be 600.
> I don't know how to solve that cleanly at file creation (but I don't
> know ACLs).
> You could ask your users to try to remember to chmod any new files; and
> have a find command running in cron regularly to do the chmod when they
> forget.

ACLs sounds like a perfectly reasonable solution to me.  Default ACLs set on a
directory apply to files/directories created within it, so there shouldn't be
a file creation issue.

A periodic scan from a cron find isn't a bad idea either, as it provides you a
mechanism to reimpose correctness even if people do something wrong.  I don't
think you're likely to find that happens to much with ACLs and most people
don't understand how to use them so won't change them ;)

jh
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos


[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux