[Gllug] User/apache file permissions question

Ken Smith kens at kensnet.org
Tue Jan 9 19:45:19 UTC 2007


- Tethys wrote:

> On 1/8/07, Ken Smith <kens at kensnet.org> wrote:
>
>> I want to give someone access to one of the directories via SCP to
>> update the content. What is the recognised way of doing this.... without
>> giving full access to everything....obviously.
>
>
> Just make the directory to which the files will be uploaded setgid,
> and give it group owership of the user in question (assuming your
> distro uses per-user primary groups, which most do these days).
>
> Since you're not going to be sharing files with other users, you
> probably don't even need to worry about the umask problems that have
> been mentioned in another thread. So long as the apache process can
> read the files (which it will be able to do with both a 0002 and 0022
> umask -- the only two likely values), then you should be fine.
>
> Or by "without giving full access to everything", do you mean avoiding
> giving shell access? If so, it's still possible, but harder. A
> restricted shell might be enough to achieve that (if you're careful
> with the path).
>
> Tet

Thank you guys - fixed now

Ken

-- 
This message has been scanned for viruses and
dangerous content by MailScanner, and is
believed to be clean.

-------------- next part --------------
-- 
Gllug mailing list  -  Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug


More information about the GLLUG mailing list