From: "Tim Tompkins" <[EMAIL PROTECTED]>
At 09:55 AM 12/1/00 -0700, you wrote:
>I'd put it someplace that is only accessible to the web user if you're going
>to do that.
>
>
>From: "Jorge Godoy" <[EMAIL PROTECTED]>
>On Wed, 29 Nov 2000, [EMAIL PROTECTED] wrote:
>>
>> Any ideas about the best way to change the permissions and UID?
>
>Create an external minimum perl script with the SUID bit set and with
>root as it's owner. Use this script to change the file
>permissions.
>
Prior to creating any file, the user would have been authenticated and an
authorize module would have supplied the UID to be used for the request in
an environment variable. The location of the user's files has to read by
Apache so such that it can serve the files (HTML).
The rational behind setting the UID of the files (and directories) is to
allow each user to be able to create files that are protected from other
users who may also be providing files. Each users files are confined to
certain sub-directory stubs.
>From a security stand point, I have to be careful about restricting access
to any external routine that is owned by root which would be used to change
the UID of files. Also, others would be very reluctant to install such an
external routine.
I'm not real keen about implementing an "external minimum" program. I
would like to do the task from within the (Apache Perl) module so that it
would be "more portable" and would not require any special considerations
for installation.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
