Re: /var/lib/apache/mod-bandwidth world-writable [forwarded]

[Fabio Massimo Di Nitto <fabbione@fabbione.net>]

On Fri, 6 Feb 2004, Philipp Weis wrote:

> Hi,
>
> On 04 Feb 2004, Fabio Massimo Di Nitto <fabbione@fabbione.net> wrote:
> > >From mod-bandwith source/documentation:
> >
> >  * 3) Create the following directories with "rwx" permission to everybody :
> >  *    /tmp/apachebw
> >  *    /tmp/apachebw/link
> >  *    /tmp/apachebw/master
>
> Thanks for pointing me to the source documentation. But I do not get it at
> all. Could you please explain why rwx permissions are needed for any user?
> Why isn't a 770 on www-data sufficient? The only reason I can come up with
> is an suexec-enabled apache, but that is as far as I know not the default
> in debian.

It is possible to select suexec or not at install time.

> I'd prefer a more sane default on the write permissions of those
> directories. If 777 permissions are really necessary in some cases, this
> should be added to the mod_bandwidth documentation.

It is already in the code but if you think a note is required we can add
it. I don't see any problem with it.

>
> If you are not sure under what circumstances 777 permissions are required,
> I'd be willing to investigate further.

Yes please. That would be very nice since i am not a mod_bandwith user.

Thanks
Fabio

-- 
Our mission: make IPv6 the default IP protocol
"We are on a mission from God" - Elwood Blues

http://www.itojun.org/paper/itojun-nanog-200210-ipv6isp/mgp00004.html