httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Martin Pool <...@linuxcare.com>
Subject Re: rotatelogs file permissions?
Date Tue, 01 Feb 2000 23:14:12 GMT
On Tue, Feb 01, 2000 at 02:42:13PM -0500, Cliff Woolley wrote:

>   I just started using rotatelogs from src/support, and noticed that it
> does its open() with initial file permissions for the logs set to 0666. 

This is a pretty common idiom on unix: the assumption is that the user
has set their umask appropriately, and so giving maximum permission in
the open() gives the maximum flexibility to the user.  It's not
unreasonable, for example, that on some systems the logs might be
group-writable if there are several web servers installed.  

The only time when a program should use lower permissions is if it
requires the file to be restricted, such as an OpenSSH private-key
file, where 0600 would be OK.

Of course, the percentage of Red Hat users who know what umask is is
falling every month. :-)

> Why is that?  I'd have assumed it would be 0644.  I changed mine to 0644
> in the source and recompiled and it works fine...  <shrug>  As far as I
> can tell, it's been 0666 ever since rotatelogs was introduced.

Having said that it would be a bit hard to set the umask for the log
script alone, which is really what you want.

Perhaps a patch to add an option to set this would be accepted.  For
consistency with GNU, it might be good to make it

  -m, --mode=MODE   set permission mode (as in chmod), not rw-rw-rw- - umask

--  
Martin Pool, Guy from Queensland, Linuxcare, Inc.
+61 2 6262 8990
mbp@linuxcare.com, http://www.linuxcare.com/
Linuxcare. At the center of Linux.

Mime
View raw message