On 4/11/07, Joshua Gimer <[EMAIL PROTECTED]> wrote:
We have several production web servers and I am trying to figure out a way to removing world write support from chmod. I have already written a wrapper for the chmod command, but it does not seem to work within sftp; has anyone encountered anything that could help in implementing this, or have any suggestions
You mean, make it so that chmod o+w doesn't work? Intuition from hanging around misc@ long enough tells me that there is a good reason to keep this support, and that you're trying to solve the wrong problem. But if you really want this you should edit chmod's source code directly; it's simpler, and any wrapper would have to have access to the original, and any user would have to have access to the wrapper, and so because of the way unix permissions work any user would still have access to chmod (I think, right?); you're not really planning on security by obscurity are you? -Nick
