On Sun, 23 Apr 2006 11:49:12 -0700, Mark Sapiro wrote
> Noah wrote:
> >
> >Well the sym links appear to work fine from an apache/browser perspective. I
> >dont think there has been any problems yet.
> >
> >archiving appears to be working properly for both public and private
> >archives.
>
> The issue is not whether one or the other will work or not from the
> Apache perspective or the archiving perspective. The issue is which
> provides more security for private archives to be secure from public
> access via the web server.
>
> The point is that making the web server effective uid ('www' in your
> case) the owner of the archives/private/ directory, gives the web
> server more access than making the directory o+x.
Hey there Mark,
I hear what you are saying but not completely understanding your analysis.
The point of the permissions and ownership changes is so the web server has
access to the private directory. And then to o-x the private directory keeps
local users from accessing the private directories directly and reading
private messages.
Sounds like my permissions and ownership is set properly
drwxrws--- 103 www mailman 2560 Apr 21 21:49 private
Cheers,
Noah
>
> Ideally, the archives/private directory should be o-rx, but this
> apparently is not workable, at least in some configurations, so o+x
> is the next best thing,
>
> >> Also, the Makefile that creates archives/private has created it with
> >> o+x for many years.
> >
> >
> >thanks for the information. appears that there should be some consistency
> >between the Makefile and the check_perm's warnings though.
>
> You're right about that.
>
> --
> Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers,
> San Francisco Bay Area, California better use your sense - B. Dylan
------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe:
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Security Policy:
http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
