httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From r.pl...@t-online.de (Rüdiger Plüm)
Subject Re: Permissions of directories created by mod_disk_cache
Date Tue, 05 Oct 2004 19:39:44 GMT


Jeff Trawick wrote:
> On Tue, 05 Oct 2004 14:25:51 +0200, Rüdiger Plüm <r.pluem@t-online.de> wrote:
> 
>>Hi all,
>>
>>I noticed that the permissions of the directories created by mod_disk_cache are set
to
>>700 whereas the permissions of the files storing the header information respect the
>>umask and thus have more permissions (at least in my case with my umask).
> 
> 
> Your umask setting can further restrict the permissions specified by
> Apache, but it cannot be used to make the permissions more liberal.

That is quite clear. This is the reason why I want Apache to create the directories with more
liberal permissions. Users which want to have more strict permissions can use the umask to
restrict
the permission. My intention was to discuss the following points / questions:

1. If the permissions are more liberal, does this create a default configuration which most
    people here would regard as too insecure.

2. As the umask can only be set to one fixed value before the start of Apache using the umask
    to restrict the permissions of the directories would also restrict the permissions of
other
    files created by Apache (especially logfiles). So people might regard the umask approach
    to be undesirable.

> 
> What permissions do you suggest for the directories?
> 
> 

I would propose the approach to create them with 777 and let the umask do the restrictions
(on most systems I guess the umask is at least set to 002 or 022), but 770 would be sufficient
for me.

Mime
View raw message