Am 24.03.2014 13:26, schrieb Florian Weimer: > On 03/24/2014 01:23 PM, Reindl Harald wrote: > >>> It's still very difficult to securely process uploaded files under a different user account. Some SFTP clients set >>> restrictive permissions on upload, and the OpenSSH implementation does not allow to bypass that. >> >> man umask >> >> [root@rh:/downloads]$ cat /etc/ssh/sshd_config | grep internal-sftp >> Subsystem sftp internal-sftp -u 006 > > umask doesn't apply to explicit chmod besides that we get way too off-topic and my first reply was in context of "because ssh is giving too much access" which is a wrong anecdote: fine, the same applies for samba, ftp and any other file transfer protocol if you want 100% defined permissions you need to use inotify and handmade daemons in any case because the client can fire always a chmod of files he own
Attachment:
signature.asc
Description: OpenPGP digital signature
-- devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/devel Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct
