*nix permissions model; also, I started a minor flamewar in #linux

From: James Nylen 
------------------------------------------------------
Ugghhhh.  (Imagine Sideshow Bob stepping on a rake).

I got on IRC and asked WHY the restriction is in place that you are only
allowed to do:

chgrp some

=============================================================== From: Dan Lyke ------------------------------------------------------ On Sun, 22 Jul 2012 22:13:42 -0400 James Nylen wrote: So I can imagine situation in which you'd create an executable that would execute under a group you normally don't have permissions to execute under, but if you could fool something else into executing that script... Anyway, here's a 3rd options: Create a setuid app that does (or execs) the appropriate group permissions things. Otherwise, I'd go for #1, because I support restrictive vs permissive whenever possible. Dan

=============================================================== From: Mike Harrison ------------------------------------------------------ Wasn't that a talk at the "Temple of Atonement"? And I needed that reminder, I'm setting up some servers and need to double check my perms. I have some bad habits I need to correct. ;)

=============================================================== From: "Alex Smith (K4RNT)" ------------------------------------------------------ You should be able to use POSIX ACLs for your files in question, what are you trying to do, make all files uploaded through a portal to be automatically chown'ed to a group? If we knew what your task is, we may be able to help you out better.

=============================================================== From: James Nylen ------------------------------------------------------ Sorry, I could have been more clear. I'm working on a web interface for rTorrent. It will need to know how to drop .torrent files in a directory that rTorrent is watching. rTorrent and the web interface run as different users, and they will both need write permission to the directory/directories in question. Either of the two solutions I outlined will work fine. I'd like to keep it as simple as possible (avoid using ACLs) because I want to make this process reasonably easy for other users of my project. I'd like to play around with ACLs eventually though... On Mon, Jul 23, 2012 at 2:25 PM, Alex Smith (K4RNT) wrote: :

=============================================================== From: "Alex Smith (K4RNT)" ------------------------------------------------------ Transmission can do this, and has a web-interface as well. May be easier to navigate. I've never tried it with rTorrent. nd e :

=============================================================== From: James Nylen ------------------------------------------------------ I use rTorrent because it is much more customizable than any other Linux client out there. Also, this is one of my "because I can/want to" projects= . I have my setup mostly working the way I want... this is one of the last remaining pieces. I wanted to ask about just the permissions issues on here to discuss the different approaches. I think my task is basically equivalent to what you said about making all files uploaded to a portal have a certain group. How would you accomplish that? o and e: