RE: Directory permissions for file UL/DL on Linux

Wed, 03 Jul 2002 11:39:13 -0700 

Thanks for the confirmation. Now, to figure out how to do this somewhat 
securely. :)

If I can get the files created with the group owner of the Web server user, 
it should work. Problem is, this ain't happening automatically. I must be 
missing something.

Here's what my permissions are set to now on the file library directory:

Mode:   2750            rwx for owner (coldfusion),
                         r-s for group (nobody),
                         --- for all users

By setting the SGID bit in the directory, according to the Unix Sysadmin 
Handbook 3E (Nemeth/Snyder, et al), files created in that directory should 
inherit the group owner of the directory. They're not! When I create files 
with CFFILE, I can make them mode 640, but the group owner is always 
"coldfusion", not "nobody".

Any ideas? Is this a Linux problem, or is ColdFusion somehow ignoring this 
property of the unix filesystem?

-B

At 01:44 PM 7/3/2002 -0400, you wrote:
>The same thing is true on Unix platforms as well.
>The web server stub processes CFCONTENT for performance reasons.
>
>-----Original Message-----
>From: Dave Watts [mailto:[EMAIL PROTECTED]]
>Sent: Wednesday, July 03, 2002 12:25 PM
>To: CF-Linux
>Subject: RE: Directory permissions for file UL/DL on Linux
>
>
> > Why would the CF server be able to write to that directory,
> > but not be able to read files from it using CFCONTENT? Is
> > the CFContent tag somehow passing just a file reference to
> > Apache and saying "Here... give 'em this file" rather than
> > loading the file into memory and passing the file *contents*
> > back?
>
>On Windows, at least, the CFCONTENT tag is actually processed by the web
>server plugin, and runs within the security context of the web server user
>account.


_____
Brian Panulla                           [EMAIL PROTECTED]
Chief Information Officer               814.238.6680
Elmwood Media Group                     www.elmwoodmedia.com

______________________________________________________________________
Get the mailserver that powers this list at http://www.coolfusion.com
------------------------------------------------------------------------------
Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/
To Unsubscribe visit 
http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a 
message to [EMAIL PROTECTED] with 'unsubscribe' in the body.

Reply via email to