Re: [Mailman-Users] Prohibiting Local Access to Archives

Fri, 27 Apr 2001 14:13:32 -0700 

It seems to me that changing the permissions on the files you want
to prevent access to anyone other than group mailman would be 
sufficient, no?  Unless the process of adding to the files 
automatically resets the permissions, in which case it's probably
the umask on the process creating them that needs to be set to 006
instead of 002.

Agreed?

> This is the *third* letter I have written on the same topic.  Before I
> give up and return to using Majordomo for certain lists, I am trying
> one last time.
> 
> Is there a way to prohibit local users (with some knowledge of
> Mailman's archive directory structure and naming conventions) from
> seeing the contents of archived files?
> 
> I'd like to continue web-access to the archives for list members, but
> prohibit access to local users on the Mailman "host machine". The fact
> that ../mailman/archives/private/ has "drwxrws--x" permissions isn't
> sufficient.
> 
> Attached below are my previous postings.
> 
> Thanks for any help!
> 
> -- 
> Prof Kenneth H Jacker       [EMAIL PROTECTED]
> Computer Science Dept       www.cs.appstate.edu/~khj
> Appalachian State Univ
> Boone, NC  28608  USA        
> 
>  |Subject: Not Allowing Local Archive Access
>  |To: [EMAIL PROTECTED]
>  |Date: 29 Dec 2000 13:16:59 -0500
>  |
>  |I have a hunch I'm just being dense/stupid, but I'm not sure how to
>  |make (a least some) list archives unreadable on the 'Mailman' host.
>  |
>  |It appears everything under ~mailman has at least `--x' permissions
>  |for the world/others and many have 'r-x' or just 'r--'.
>  |
>  |What do I do to make certain list archives *unreadable* locally?
>  |
>  |Thanks,
>  |
>  |  -Kenneth
>  |
>  |
>  |Subject: Truly Private Archives
>  |To: [EMAIL PROTECTED]
>  |Date: 05 Feb 2001 23:15:34 -0500
>  |
>  |Anyone on the local 'Mailman' machine can -- with even a little
>  |knowledge of Mailman's directory structure and hosted mailing lists --
>  |simply 'cd' to one of the "archives" sub-dirs and "read away".
>  |
>  |What if the permissions of /usr/local/etc/mailman (~mailman) are set
>  |to:
>  |        drwxrws---  mailman  mailman
>  |
>  |
>  |instead of the current:
>  |
>  |        drwxrwsr-x  mailman  mailman      ?
>  |
>  |
>  |Will the *entire* Mailman system still work correctly?
>  |
>  |Thanks for your comments!
>  |
>  |  -Kenneth
> 
> ------------------------------------------------------
> Mailman-Users maillist  -  [EMAIL PROTECTED]
> http://mail.python.org/mailman/listinfo/mailman-users


------------------------------------------------------
Mailman-Users maillist  -  [EMAIL PROTECTED]
http://mail.python.org/mailman/listinfo/mailman-users

Reply via email to