[sllug-members]: HTTP Directory Permissions Best Practices
Jeff Schroeder
jeff at zingstudios.net
Wed Sep 20 11:00:24 MDT 2006
Andrew asked:
> If a user is a member of a file's group that has
> no group permissions, but the file has wide open "other" access,
> should the user be able to access the file?
Not at all. The permissions are user+group+world, and "world" means
"not in this group". In other words, if I'm user "jeff" in group
"users", and my directory is chmod 705, then I can see it and write to
it (I have rwx permission), and anyone NOT in the "users" group can see
it (with r-x permission). In the example I gave, Apache is in the
"nobody" group so it can see the web files. No other users (who are
all in the "users" group) can see them.
HTH,
Jeff
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://sllug.org/pipermail/sllug-members/attachments/20060920/68052d1d/attachment.pgp
More information about the sllug-members
mailing list