httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Andrus" <eetas...@online.ee>
Subject [users@httpd] Re: How to create file which can be deleted by other
Date Mon, 12 Jan 2004 11:23:16 GMT
>You are making incorrect assumptions about how file permissions work.
>Setting mode 0777 (or 0666) on a file will allow any user to modify a
>file, but deleting a file is not modification.  The ability to delete
>depends solely on the permissions of the parent directory.
>The solution to your problem is to create a directory under /tmp, give
>the directory mode 0777, and create your files there with at least mode
>0666.
>You can have a file, owned by root, with mode 0000 in a directory and
>any user will be able to delete the file as long as said user has write
>permissions to the directory.
>I suppose there is an exception to this rule...  /tmp usually has the
>sticky bit set which means that even with mode 1777 only the user (or
>root) that creates a file can modify/delete it.  I suppose running the
>chmod command on the file as root overrides the stickiness (this might
>even be a bug in the filesystem code).

Aaron,

thank for you excellent explanation.

I think that best solution is to run my cgi script in the same account as my
server
program. Is it possible to configure Apache 1/Debian to run my cgi script
under ordinary user account using suexec? If not, can I switch to other user
account in C code ?
Or is making a subdirectory under /tmp or using /var/lib/myappl directory
better ?

Currently I changed httpd.conf lines to

User andrus
Group andrus

Is this good idea ?


---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message