You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@httpd.apache.org by "Victor J. Orlikowski" <v....@gte.net> on 2000/11/02 19:45:22 UTC

File modes....

Hello all,

      While playing with the logging patch, I found something that
didn't quite sit right. This may be a FAQ, but I'll ask it anyway.
Why would we ever go about creating a file with mode 0666 in the
server (especially a log file)?

These were the three lines that caught my attention...

main/http_main.c:2135:    scoreboard_fd = ap_popenf(p,
ap_scoreboard_fname, O_CREAT | O_BINARY | O_RDWR, 0666);

modules/proxy/proxy_cache.c:326:        if ((timefd = creat(filename,
0666)) == -1) {

support/rotatelogs.c:73:            nLogFD = open(buf2, O_WRONLY |
O_CREAT | O_APPEND, 0666);

I figure that there is a good reason for this, but I'm not seeing it.

Victor
-- 
Victor J. Orlikowski
======================
v.j.orlikowski@gte.net
vjo@raleigh.ibm.com
vjo@us.ibm.com

Re: File modes....

Posted by Greg Stein <gs...@lyra.org>.

On Sun, Nov 05, 2000 at 02:59:17AM +0000, Tony Finch wrote:
> "Victor J. Orlikowski" <v....@gte.net> wrote:
> >
> >      While playing with the logging patch, I found something that
> >didn't quite sit right. This may be a FAQ, but I'll ask it anyway.
> >Why would we ever go about creating a file with mode 0666 in the
> >server (especially a log file)?
> 
> Because it's the standard file creation mode; it's up to the admin to
> set an appropriate umask to reduce the modes to the level of security
> appropriate to the machine. It's the Unix Way.

Why should we give them the rope? It seems reasonable to at least make it
0660 to fix up the default case.

I mean, geez... we don't give them any specific control points to adjust
that value or doc to where/how to change it. Seems to just be asking for an
admin to get it wrong.

Cheers,
-g

-- 
Greg Stein, http://www.lyra.org/

Re: File modes....

Posted by Tony Finch <do...@dotat.at>.

"Victor J. Orlikowski" <v....@gte.net> wrote:
>
>      While playing with the logging patch, I found something that
>didn't quite sit right. This may be a FAQ, but I'll ask it anyway.
>Why would we ever go about creating a file with mode 0666 in the
>server (especially a log file)?

Because it's the standard file creation mode; it's up to the admin to
set an appropriate umask to reduce the modes to the level of security
appropriate to the machine. It's the Unix Way.

Tony.
-- 
en oeccget g mtcaa    f.a.n.finch
v spdlkishrhtewe y    dot@dotat.at
eatp o v eiti i d.    fanf@covalent.net