well did you setup in /etc/groups to put COLDFUSION user in the NOBODY GROUP? it would be essentially the same if you have it group owned by coldfusion and coldfusion gid is nobody. but as for the directory perms thing i couldnt tell you its a little odd by i know when you set the SGID it is not a mandatory thing you can set the FILEs to be whatever you want and that is PROBably what CF is doing. if you're really that pressed about it make a sh script and then have a CFEXECUTE to go through and "Proper" the permissions to your liking.
Bill Wheatley Senior Database Developer Macromedia Certified Advanced Coldfusion Developer EDIETS.COM 954.360.9022 X159 ICQ 417645 ----- Original Message ----- From: "Brian Panulla" <[EMAIL PROTECTED]> To: "CF-Linux" <[EMAIL PROTECTED]> Sent: Wednesday, July 03, 2002 2:54 PM Subject: RE: Directory permissions for file UL/DL on Linux > Thanks for the confirmation. Now, to figure out how to do this somewhat > securely. :) > > If I can get the files created with the group owner of the Web server user, > it should work. Problem is, this ain't happening automatically. I must be > missing something. > > Here's what my permissions are set to now on the file library directory: > > Mode: 2750 rwx for owner (coldfusion), > r-s for group (nobody), > --- for all users > > By setting the SGID bit in the directory, according to the Unix Sysadmin > Handbook 3E (Nemeth/Snyder, et al), files created in that directory should > inherit the group owner of the directory. They're not! When I create files > with CFFILE, I can make them mode 640, but the group owner is always > "coldfusion", not "nobody". > > Any ideas? Is this a Linux problem, or is ColdFusion somehow ignoring this > property of the unix filesystem? > > -B > > At 01:44 PM 7/3/2002 -0400, you wrote: > >The same thing is true on Unix platforms as well. > >The web server stub processes CFCONTENT for performance reasons. > > > >-----Original Message----- > >From: Dave Watts [mailto:[EMAIL PROTECTED]] > >Sent: Wednesday, July 03, 2002 12:25 PM > >To: CF-Linux > >Subject: RE: Directory permissions for file UL/DL on Linux > > > > > > > Why would the CF server be able to write to that directory, > > > but not be able to read files from it using CFCONTENT? Is > > > the CFContent tag somehow passing just a file reference to > > > Apache and saying "Here... give 'em this file" rather than > > > loading the file into memory and passing the file *contents* > > > back? > > > >On Windows, at least, the CFCONTENT tag is actually processed by the web > >server plugin, and runs within the security context of the web server user > >account. > > > _____ > Brian Panulla [EMAIL PROTECTED] > Chief Information Officer 814.238.6680 > Elmwood Media Group www.elmwoodmedia.com > > ______________________________________________________________________ Your ad could be here. Monies from ads go to support these lists and provide more resources for the community. http://www.fusionauthority.com/ads.cfm ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
