[CentOS] sticky folder permissions
Tom Brown
tom at ng23.net
Tue Jul 22 15:36:18 UTC 2008
>
> What are the applications? What is the directory structure? Is the
> permission problem on a directory or a file? What user account owns
> the application process? Is the app un-doing your manual permission
> changes on existing files and directories, or just not granting read
> permission to new objects?
>
>
in house apps running out of /opt/<appname> and logging into
/opt/<appname>/logs and are running as user <appname>
need to have world read on /opt/<appname>/logs
when permissions are 'manually' set when the app is redeployed it seems
that the world read is removed (i am investigating why this is)
> If an application so chooses, it can set whatever permissions it wants
> on newly created files. It may even have logic to alter the
> permissions on existing files. You may not be able to control it from
> the OS level.
>
> Or, it could be as simple as setting (or changing) the umask in the
> application startup script.
>
>
i was hoping at the OS level i could limit what the app could do with
the permissions as the app is not running as root. it seems i cant do
that so i will need to look at how the app is deployed and why the perms
are being reset/overwritten.
More information about the CentOS
mailing list