Article 13706 at 08/08/08 23:08:19 From: bq (at mark) aviaweb.com Subject: [coba-e:13706] Re: apache suexec

Index: [Article Count Order] [Thread]
Date:  Fri, 8 Aug 2008 10:07:51 -0400
From:  "Stephanie Sullivan" <bq (at mark) aviaweb.com>
Subject:  [coba-e:13706] Re: apache suexec
To:  <coba-e (at mark) bluequartz.org>
Message-Id:  <01ab01c8f960$27c3a910$774afb30$@com>
In-Reply-To:  <020f01c8f91f$47efa810$967da8c0@thomasferrari>
References:  <200807311849.m6VInpS5011718 (at mark) ana.xnet.com.mx> <09bc01c8f338$a3bbef60$6601a8c0 (at mark) OfficeKen> <822d01c8f89b$702b14b0$967da8c0 (at mark) thomasferrari> <08d501c8f91d$b6ee7db0$6601a8c0 (at mark) OfficeKen> <020f01c8f91f$47efa810$967da8c0 (at mark) thomasferrari>
X-Mail-Count: 13706

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

With respect to the original question - why does apache create files with
the ownership of apache.apache and why with protections of only owner write?

After (gasp!) reading documentation, mostly man pages, and playing around
with it a little, I have learned (and tested) the reason is the "s" bit on
the directory as in:

chmod g+s some_direcory

What this does is force the group ownership of files created in the folder
to be the same as the folder. One can also use the o+s to force the
username.

The above works *without* commenting the "group apache" line in
/etc/httpd/conf/httpd.conf

I have not found a way to force a umask on a particular folder or from
within php or apache.

Hope this is helpful on this topic.

	-Stephanie


-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.8.3 (Build 4028)
Charset: us-ascii

wj8DBQFInFM7RmFh0h8+YHsRAqq9AKCJF6ElZ+8txfU3Z00d8jGvwsGkyACg56wP
jG1VxLCw4kwbGuRPmVIevU8=
=WNdM
-----END PGP SIGNATURE-----