[TYPO3-dev] createGroup / chgrp question
Steffen Gebert
steffen at steffen-gebert.de
Wed Jan 26 00:26:39 CET 2011
On 26.01.11 00:13, Henjo Hoeksma wrote:
> Hi devs,
>
> just trying to understand some basic ownership issues:
>
> I found that the basicFilefunctions class tries to set the group of a
> file/directory based on the settings in the install tool
> ([BE][createGroup]) with chgrp() function of php.
> In order to have this work apache should be a superuser on a system.
> That wouldn't make much sense when thinking about security...
I never used this setting, it could make sense, if the web server user
is in several groups (but the primary group is e.g. not the group which
the ftp users share with it).
That's what the PHP docu states:
> Only the superuser may change the group of a file arbitrarily; other users may change the group of a file to any group of which that user is a member.
Thus being member of both groups would allow to execute a chgrp().
Kind regards
Steffen
--
Steffen Gebert
TYPO3 Core Team Member
Use a newsreader! Check out
http://typo3.org/community/mailing-lists/use-a-news-reader/
More information about the TYPO3-dev
mailing list