Inherited permission on resulting image file

Posted by: cresch

Inherited permission on resulting image file - 04/13/06 04:30 PM

Can anyone explain how permissions are applied to image files created by the Digital Imaging plug in? I ask because I have two different installs where the resulting output files are being created with NTFS permission on a Windows Server that are NOT being inherited from the parent level.

Example:

OUT folder has access perms set for RELEASE group to be able to Modify

OUT\DOCUMENT-mm-dd-yy folder is created automatically by the Digital Imaging and inherits the same permissions (e.g. RELEASE group has appropriate modify permissions).

OUT\DOCUMENT-mm-dd-yy\file1.tif
OUT\DOCUMENT-mm-dd-yy\file2.tif

are created and have DIFFERENT permission, NOT inherited from the parent folder.

There is a text file OUT\DOCUMENT-mm-dd-yy\index.txt that is created/updated via vbscript in Watch, and it DOES inherit the appropriate permission set.

As I mentioned earlier, I currently have TWO different installs experiencing this issue. Both are running V5 (one is 5.2.2.1925, and I'm not sure off-hand if the other has been updated or is still on 5.0.1.1713)

The weird thing is that the one system was running just fine until this past Monday. We can't detect any changes made recently. The PlanetPress services (other than Messenger) are running under the Administrator account on these two servers.

Any ideas in which direction to look for the trouble here?

Thanks
Posted by: cresch

Re: Inherited permission on resulting image file - 04/20/06 06:49 AM

Opened support case & confirmed as bug; image files are created in a Watch temp folder (inheriting permissions from that folder) and then moved (not copied) to the destination folder, so the original permissions remain.

Tested workaround is to set permissions on the "c:\Program Files\PlanetPress Suite5\PlanetPress Watch\Spool" folder to have the greatest level of permission required for the files (doesn't really matter if the permissions are too broad here, as you can secure more granularly at the destination FOLDER level and be fine).