[ic] products directory setgid

Mike Heins mikeh@minivend.com
Tue, 31 Oct 2000 18:46:07 -0500

Quoting Jean-Philippe Bouchard (jeanphil@sitepak.com):
> Hello folks,
> Two questions.
> First, why is the products directory setgid? What does it mean exactly
> to be setgid for a directory?

Standard UNIX FAQ -- it causes new files created in that directory to
default to the same group as the directory.

> Second, we are setting catalogs for several users on the same system and
> we thought of implementing the following scheme. The interchange server
> runs as user interch and this user is in the group interch (the only one
> in that group). Every files and directories under every catalog
> directories are owned by the catalog user and the group is interch (even
> though the user isn't in the group; our sysadmin told us we can do
> this). This way, the interchange server can read/write/create/delete
> those files. Since no one is in the group interch besides interch, that
> makes it as safe as the M (MULTIPLE GROUP) makecat scheme. I was
> wondering why you don't offer this scheme in makecat? Wouldn't it be
> simpler to have only one group instead of having to put the interchange
> user in every catalog users' group.

The problem is that the user can't create a directory that will operate
that way. So it would be impossible for the user to create files that
can be operated on by Interchange....of course if all directories are
always setgid then that is no problem, but I doubt you can expect your
users to figure that out. 8-)

Akopia, Inc., 131 Willow Lane, Floor 2, Oxford, OH  45056
phone +1.513.523.7621 fax 7501 <heins@akopia.com>

Unix version of an Outlook-style virus:
It works on the honor system. Please forward this message to everyone
you know, and delete a bunch of your files at random.