Stas Bekman <[EMAIL PROTECTED]>
At 11:11 PM 12/13/00 +0100, you wrote:
>
>On Wed, 13 Dec 2000, George Sanderson wrote:
>
>> At 10:29 PM 12/13/00 +0100, you wrote:
>> Do you want me to email you a *.tar.gz file?
>
>No. Please post the URL.
<http://www.xorgate.com/FileMan/FileMan-0.01.tar.gz>http://www.xorgate.com/
FileMan/FileMan-0.01.tar.gz
>> >What do you mean by having aspects? Is it a question, or you does the
>> >module provides all the answers?
>> >
>> I set the GID on the files and directories for the users that are
>> authenticated. Also the
>> GID of the files and directories are check before any significant commands
>> are executed.
>
>Hmm, are you running the server as root? How can you set different GID
>than.
>
No, Apache runs with a common "webuser" ID, just like normal Apache children.
All I do
is create a new UNIX /etc/group and make webuser a member of that group.
When Apache creates files via FileMan, their UID is "webuser" (Apache's
PUID). When a user is authorized, FileMan picks up a GID from an Apache
environment variable for that user. Since Apache owns the file and is a
member
of the group, it can change the GID of the files.
>> I'm investigating multiple membership and how that might be done.
>
>May be you should be more explicit in your question? What are you trying
>to accomplish and you don't get it?
This is not really a question. I am just mumbling. Currently I have only
two
levels, of access control in FileMan, namely, "admin", and "user". I think
there is a need for an intermediate level, that is, being able to run all the
commands, but not able to change GIDs of the files.