Yes, sorry, that's what I meant in the first sentence: www-data is a member
of the staff group.
On 12/1/05 11:11 AM, "Olaf van der Spek" <[EMAIL PROTECTED]> wrote:
> On 12/1/05, Sage Weaver <[EMAIL PROTECTED]> wrote:
> Apache is a member of the
> staff group, yes, and that seems to have no
> eff
On 12/1/05, Sage Weaver <[EMAIL PROTECTED]> wrote:
> Apache is a member of the staff group, yes, and that seems to have no
> effect. Moreover, the directory in which the file is being created is owned
> by the www-data user.
>
> Specifically, I have a "files" directory that is owned by www-data an
Apache is a member of the staff group, yes, and that seems to have no
effect. Moreover, the directory in which the file is being created is owned
by the www-data user.
Specifically, I have a "files" directory that is owned by www-data and
grouped to staff:
$ ls -ld files
drwxrwsr-x 2 www-data s
On 11/29/05 4:13 PM, "Nick Kew" <[EMAIL PROTECTED]> wrote:
> On Tuesday 29 November 2005 21:35, Sage Weaver wrote:
>
>> I have found that in every instance, Apache ignores the setgid bit.
>
> Apache has no privilege to do anything else. That's elementary
> security imposed by the operating syst
On Tuesday 29 November 2005 21:35, Sage Weaver wrote:
> I have found that in every instance, Apache ignores the setgid bit.
Apache has no privilege to do anything else. That's elementary
security imposed by the operating system.
--
Nick Kew
On 11/29/05, Sage Weaver <[EMAIL PROTECTED]> wrote:
> I have a Debian 3.1 server on which I am currently running Apache 2.0.54
> (packaged by Debian) and PHP 5.0.3 (compiled from source).
>
> I have used a couple of web applications (CMS software packages) that allow
> me to upload files to a speci
I have a Debian 3.1 server on which I am currently running Apache 2.0.54
(packaged by Debian) and PHP 5.0.3 (compiled from source).
I have used a couple of web applications (CMS software packages) that allow
me to upload files to a specified directory. That directory has setgid
permissions on it,
