[ILUG] umask query
Sean O Sullivan
seanos at netsoc.itcarlow.ie
Sat Apr 23 00:04:31 IST 2005
Colm MacCarthaigh wrote:
>On Fri, Apr 22, 2005 at 11:32:33PM +0100, Sean O Sullivan wrote:
>
>
>>>It's hardcoded into libc. glibc for example defines the macro
>>>DEFFILEMODE. *nix systems never create executable files without
>>>an explicit chmod, it's just part of the security model.
>>>
>>>It's a *really* bad idea changing this.
>>>
>>>
>>>
>>I agree ... however may not have a choice sadly.
>>
>>
>
>I dunno, this is up there with the "I really have no choice but to run
>an open relay" line of argument. You want to reduce Linux to a
>Windows-like security model. There are always ways to work around things
>:)
>
>Can you change how the files are executed?
>
> I get the feeling that you're trying to allow people to upload some CGI
>using mod_dav and have them then be executable.
>
>
>
If the client came and paid X amount of money, I'd be happy to run an
open relay for them - however would inform them that it's /bad/ &
shouldn't be done, and give them all the downsides & reasons why /not/
to do it ...
Yes I'll be looking into work arounds (I'd regard mod_umask as a
workaround...), and I'll be sure to keep looking however if none are
found which are suitable, and it's insisted that it must done in a
particular way, I can't do much...
More information about the ILUG
mailing list