[Gllug] User/apache file permissions question
- Tethys
tethys at gmail.com
Tue Jan 9 17:32:17 UTC 2007
On 1/8/07, Ken Smith <kens at kensnet.org> wrote:
> I want to give someone access to one of the directories via SCP to
> update the content. What is the recognised way of doing this.... without
> giving full access to everything....obviously.
Just make the directory to which the files will be uploaded setgid,
and give it group owership of the user in question (assuming your
distro uses per-user primary groups, which most do these days).
Since you're not going to be sharing files with other users, you
probably don't even need to worry about the umask problems that have
been mentioned in another thread. So long as the apache process can
read the files (which it will be able to do with both a 0002 and 0022
umask -- the only two likely values), then you should be fine.
Or by "without giving full access to everything", do you mean avoiding
giving shell access? If so, it's still possible, but harder. A
restricted shell might be enough to achieve that (if you're careful
with the path).
Tet
--
Gllug mailing list - Gllug at gllug.org.uk
http://lists.gllug.org.uk/mailman/listinfo/gllug
More information about the GLLUG
mailing list