Date: Thu, 18 Oct 2001 02:29:12 -0700 From: "Crist J. Clark" <cristjc@earthlink.net> To: Doug Barton <DougB@FreeBSD.org> Cc: "Andrey A. Chernov" <ache@nagual.pp.ru>, ports@FreeBSD.org Subject: Re: HEADS UP: Apache port change from nobody:nogroup to www:www planned Message-ID: <20011018022912.E373@blossom.cjclark.org> In-Reply-To: <20011017234403.W22111-100000@db-cvad-1-tmp.yahoo.com>; from DougB@FreeBSD.org on Thu, Oct 18, 2001 at 12:12:54AM -0700 References: <20011017155854.A43168@nagual.pp.ru> <20011017234403.W22111-100000@db-cvad-1-tmp.yahoo.com>
next in thread | previous in thread | raw e-mail | index | archive | help
[Follow-ups to developers@ removed to avoid the wrath of Brian.] On Thu, Oct 18, 2001 at 12:12:54AM -0700, Doug Barton wrote: [snip] > I'm a little confused by what you mean here. Is our apache port > setting ownership on any files to user nobody? If so, it should be fixed > not to do that. The point of user nobody is to have a user that does not > own any file on the system (as you describe) but is able to read files > that are world readable. Take a look at /etc/periodic/weekly/310.locate > for a good example. Can you describe what exactly apache is doing wrong? Actually, /etc/periodic/weekly/310.locate is not a good example. It abuses the 'nobody' account since it gives /var/db/locate.database ownership by 'nobody.' I made patches to fix this a few weeks ago, but the locate(1) maintainer is sitting on them. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20011018022912.E373>