In replay to Michael Stauber <[EMAIL PROTECTED]>'s post: Not sure what you're getting at - would you care to elaborate?
To recap: >> No, fortunately this is not the case. Users are placed into groups >> based on their site (fred:site1, jill:site12 etc.). Although each user >> could see world-readable files...they would not be able to see files >> where permission has been granted only for a group they are not in. >>... >That's wrong, Ian. Let's run through this by example: > >... >So user "cbank" belongs to group "site19". Note that we were able to get that >information out of /etc/passwd which is a hillarious security breach to begin >with. Agreed. >Now note this: I did. All of the files have world-readable permisssions on them, some also with world-execute. >So even though user "cbank" doesn't belong to site3 he can browse the /web >directory of this site. And as the permissions are in the above case he has >read access to all files there. QED. I mentioned... >> Depends on the file permission. If the order file is created with >> world-readable permission, then the answer is yes. So in your example, since all files have world-read and some have world-execute, then any user from any site will be able to view them. >Mit freundlichen Gr��en / With best regards And also to you to. In other words, I have no wish or intention of getting into any daft flame wars or whatever. Please take this as a genuine query as to what you thought I'd got wrong. If I -have- got something wrong, I'd rather know about it. Cheers, Ian _______________________________________________ cobalt-developers mailing list [EMAIL PROTECTED] http://list.cobalt.com/mailman/listinfo/cobalt-developers
