Sorry, I didn't make as much sense as I meant to. Basically, I was wondering if it is possible for the default group permissions to change on a created file. like:
I create a file in /var/www called 'test' it is normally: -rw-r--r-- 1 rvf www-files 0 Jan 16 20:05 test I would like it to be like this automatically: -rw-rw-r-- 1 rvf www-files 0 Jan 16 20:05 test Sorry about the confusion. -Rob On Tue, Jan 16, 2001 at 03:34:42PM -0900, Ethan Benson wrote: > On Tue, Jan 16, 2001 at 07:22:05PM +0000, Rob VanFleet wrote: > > I have the permissions on /var/www set so that any file created within > > it is owned by www-data. Currently, www-data does not have write access > > to the files. What I want to do is set it up so that any file created > > in /var/www is owned by www-data and www-data has write permissions to > > it, so that files created by different people can be edited by anyone in > > www-data. > > first this is a very bad thing to do, now the web server will have > write permission to your entire site, and if its compromised the > attacker will be able to replace it. normally a httpd compromise won't > allow for site defacement since no files are owned by the web server > account: www-data. > > you should create a different account for this purpose. > > > I hope that made sense. > > > > Is there some sort of way of setting a group umask maybe? > > you can force all files to be created with a certain *group* > ownership, but not with a certain *user* ownership. > > chgrp www-files (not www-data) /var/www > chmod 2755 /var/www > > now when you create files in /var/www as user `joe' the ownership will > be joe.www-files > > if you want to have it so when joe creates a file there it gets > ownership www-files.www-files. this is impossible. > > -- > Ethan Benson > http://www.alaska.net/~erbenson/
