Noah wrote: > >I hear what you are saying but not completely understanding your analysis. >The point of the permissions and ownership changes is so the web server has >access to the private directory. And then to o-x the private directory keeps >local users from accessing the private directories directly and reading >private messages. > >Sounds like my permissions and ownership is set properly >drwxrws--- 103 www mailman 2560 Apr 21 21:49 private
The point is that with some browsers and web servers (probably not with Apache) if the web server can read and search the private/ directory, it can serve pages in the private/ directory via a url like <http://www.example.com/pipermail/../private/list> where list's archives are private - i.e., they don't have symlinks in the public/ directory. Thus, you do not want to give the web server access to the private/ directory itself. In order to keep private archives private, you must require that they cannot be accessed directly by the web server. The theory is that the private directory is inaccessable to the web server, but the sub directories referenced by the public/ directory symlinks are not. Thus the web server is prevented from direct access to archives through a path which includes the private/ directory. The o-rx on the private directory is primarily to keep the web server out of private archives, not to keep local users out. Ideally, public access to the archives would work if the permissions and ownership on the private/ directory were 1) drwxrws--- 103 mailman mailman 2560 Apr 21 21:49 private This doesn't work in your case (probably not in any case), so the next best thing is 2) drwxrws--x 103 mailman mailman 2560 Apr 21 21:49 private even though check_perms complains. changing ownership and perms to 3) drwxrws--- 103 www mailman 2560 Apr 21 21:49 private is in fact less secure in terms of what check_perms complains about than is 2), even though check_perms doesn't complain about 3). Whether or not 3) or even 2) is subject to serving private archive pages through cleverly crafted URLs depends on the web server, and it isn't necessarily an issue in every case (and I don't think it is with recent Apache, but I'd love to hear from someone who knows more about this). Thus, your installation may be perfectly fine with 3). But, if the only reason you prefer 3) to 2) is that check_perms doesn't complain about 3), that is a check_perms issue. 2) is better - only slightly better, but better. -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
