it wouldnt compromise security setting coldfusion user to group nobody as long as you cover all the bases and make sure coldfusion couldnt do anything outside the scope it should
when you create a user with adduser you are able to set the default group if you dont it makes a group in the same name of the user but its not always needed that way Bill Wheatley Senior Database Developer Macromedia Certified Advanced Coldfusion Developer EDIETS.COM 954.360.9022 X159 ICQ 417645 ----- Original Message ----- From: "Brian Panulla" <[EMAIL PROTECTED]> To: "CF-Linux" <[EMAIL PROTECTED]> Sent: Wednesday, July 03, 2002 3:14 PM Subject: Re: Directory permissions for file UL/DL on Linux > At 03:04 PM 7/3/2002 -0400, you wrote: > >well did you setup in /etc/groups to put COLDFUSION user in the NOBODY > >GROUP? > > Yes. > > When I su to "coldfusion" and touch a file in the filelib directory, it > inherits the proper owner/group. Creating files with CFFILE is what > completely ignores the SGID bit. > > >it would be essentially the same if you have it group owned by coldfusion > >and coldfusion gid is nobody. > > Are you saying set the coldfusion and nobody groups to have the same GID? > That's an interesting wrinkle. What would that would break and/or compromise? > > >but as for the directory perms thing i couldnt tell you its a little odd by > >i know when you set the SGID it is not a mandatory thing you can set the > >FILEs to be whatever you want and that is PROBably what CF is doing. > >if you're really that pressed about it make a sh script and then have a > >CFEXECUTE to go through and "Proper" the permissions to your liking. > > Yeah. That's messy though. > > > > _____ > Brian Panulla [EMAIL PROTECTED] > Chief Information Officer 814.238.6680 > Elmwood Media Group www.elmwoodmedia.com > > ______________________________________________________________________ Structure your ColdFusion code with Fusebox. Get the official book at http://www.fusionauthority.com/bkinfo.cfm ------------------------------------------------------------------------------ Archives: http://www.mail-archive.com/cf-linux%40houseoffusion.com/ To Unsubscribe visit http://www.houseoffusion.com/index.cfm?sidebar=lists&body=lists/cf_linux or send a message to [EMAIL PROTECTED] with 'unsubscribe' in the body.
