Need some help with permissions and ownership when running cgi
script as user
Samuel ]slund
samuel@update.uu.se
Mon Feb 11 19:13:02 2002
Hi
Did you solve it?
I think you are looking for the --lock-never switch from the man page.
(There should not be any trouble with concurrent access if the files are
writeprotected)
You might also want/need to look for some other switch to tell GPG not to
update the trust DB.
I will not comment about security since (in this case) I'm just a dumb
user who can read manpages.
//Samuel
On Fri, 8 Feb 2002, David wrote:
<<<< Snip >>>>
> From a previous posting:
>
> At 10:26 AM 1/25/02 +0100, Werner Koch wrote:
> > > Q2. The public key ring is best owned by root. Is this true?
> >
> >It is always a good idea not to give write access to the CGI user, I'd
> >create an extra user for this.
>
>
> Now when I create a non-privileged user like gpgforkeys to own the keyring
> I get the following errors:
>
> gpg: failed to create temporary file
> `/home/gpgforkeys/.gnupg/.#lk0x80ceff0.server1.mydomain.com.2173':
> Permission denied
> gpg: fatal: /home/gpgforkeys/.gnupg/trustdb.gpg: can't create lock
> secmem usage: 1408/1408 bytes in 2/2 blocks of pool 1408/16384
<<<<< Snip >>>>>