Re: [greenstone-devel] file permissions

From John R. McPherson
DateWed, 15 Oct 2003 09:14:41 +1300
Subject Re: [greenstone-devel] file permissions
In-Reply-To (3F8BC246-90300-asti-dost-gov-ph)
On Tue, Oct 14, 2003 at 05:30:46PM +0800, Ivy Cabeza wrote:
> hi,
> i noticed that the collection files are globally writable. is there a
> reason why the collection files are globally writable? can i make it
> writable only to the owner of the collection and to the "gsdl" group not
> to all users? that way, i can be sure that only those who have proper
> access can delete collection files.
> thanks.

I think the reason the files are made writable is so that the
webserver can modify files when the Collector web interface is used to
manage collections.

If you are not going to use the Collector, I would recommend creating a
"gsdl" group and only adding users you want to edit collections to that
group, as you suggested. On a unix platform you could also make the library
executable "set group ID" so that the executable runs with those group
permissions as well, especially if there are many users who have accounts
on that machine.

John McPherson