httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Greg Stein <gst...@lyra.org>
Subject Re: umask and modules/dav/fs
Date Tue, 16 Jul 2002 03:24:56 GMT
On Sun, Jul 07, 2002 at 06:51:25PM -0500, Scott Lamb wrote:
> I'd like to allow people to update a website either through their shell 
> account or WebDAV. My problem is permissions. I can make a group 
> "somewebsite" including users apache, bob, and charlie. Then I can make 
> all the directories setgid. When bob and charlie make new files or 
> directories, everything works out.

mod_dav considers its repository to be private. You are not allowed to
provide access to that repository to users other than the Apache process.
Otherwise, you could end up with all kinds of permission problems, symlink
and hard link issues, corrupted locks and property databases, etc.

>...
> I think the answer is yes. In my situation, just setting the umask 
> globally would work.

Yup. As Jeff pointed out: just set the umask before starting Apache.

> Are there situations where it'd need to be set on a 
> per-directory basis? I.e., is there need for a "DavUmask" directive that 
> can be set in <directory> containers?

Considering that the design decision is that the repository is private, then
the answer is "no". As long as Apache can read/write the files and dirs,
then everything is fine.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/

Mime
View raw message