[Zope-dev] Configurable Blob Permissions ZODB
Hi, Refering to this bug report https://bugs.launchpad.net/zodb/+bug/683751 And this usecases http://stackoverflow.com/questions/6168566/collective-xsendfile-zodb-blobs-and-unix-file-permissions It would be great if create mode of blobs would be configurable in ZODB directly. For UNIX Systems there could be 2 flags for folder creation mode and blob file permissions, i.e. BLOB_FOLDER_MODE = 750 BLOB_FILE_PERMISSIONS = stat.S_IRUSR | stat.S_IRGRP which are used then at the appropriate places. See here: http://pastebin.com/wNLYyXvw I don't know how this refers to NTFS, though. Further this configuration flags should be available in ZOPE and ZEO Server configuration files. Any doubts, suggestions, other ideas? Regards, Robert -- Robert Niederreiter Squarewave Computing Aflingerstraße 19 A-6176 Völs Tel: +43 699 160 20 192 Web: http://www.squarewave.at ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Configurable Blob Permissions ZODB
On Fri, Jun 17, 2011 at 4:53 AM, Robert Niederreiter r...@squarewave.at wrote: Hi, Refering to this bug report https://bugs.launchpad.net/zodb/+bug/683751 And this usecases http://stackoverflow.com/questions/6168566/collective-xsendfile-zodb-blobs-and-unix-file-permissions It would be great if create mode of blobs would be configurable in ZODB directly. For UNIX Systems there could be 2 flags for folder creation mode and blob file permissions, i.e. BLOB_FOLDER_MODE = 750 BLOB_FILE_PERMISSIONS = stat.S_IRUSR | stat.S_IRGRP which are used then at the appropriate places. See here: http://pastebin.com/wNLYyXvw I don't know how this refers to NTFS, though. Further this configuration flags should be available in ZOPE and ZEO Server configuration files. Any doubts, suggestions, other ideas? -1 for a new configuration option. I would rather just have write permission *only* removed from committed blob files. Read permissions should be controlled by existing mechanisms such as umask. Jim -- Jim Fulton http://www.linkedin.com/in/jimfulton ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Configurable Blob Permissions ZODB
On Fri, Jun 17, 2011 at 2:06 PM, Jim Fulton j...@zope.com wrote: On Fri, Jun 17, 2011 at 4:53 AM, Robert Niederreiter r...@squarewave.at wrote: Any doubts, suggestions, other ideas? -1 for a new configuration option. I would rather just have write permission *only* removed from committed blob files. Read permissions should be controlled by existing mechanisms such as umask. +1 on Jim's suggestion - much simpler :) Hanno ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Configurable Blob Permissions ZODB
Am Freitag, den 17.06.2011, 08:06 -0400 schrieb Jim Fulton: Any doubts, suggestions, other ideas? -1 for a new configuration option. I would rather just have write permission *only* removed from committed blob files. Read permissions should be controlled by existing mechanisms such as umask. So changing the creation mode for folders to 755 and for blobs to 444 would be the solution then. right? Has this a chance to get into the next ZODB release? Robert Jim -- Robert Niederreiter Squarewave Computing Aflingerstraße 19 A-6176 Völs Tel: +43 699 160 20 192 Web: http://www.squarewave.at ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )
Re: [Zope-dev] Configurable Blob Permissions ZODB
On Fri, Jun 17, 2011 at 8:45 AM, Robert Niederreiter r...@squarewave.at wrote: Am Freitag, den 17.06.2011, 08:06 -0400 schrieb Jim Fulton: Any doubts, suggestions, other ideas? -1 for a new configuration option. I would rather just have write permission *only* removed from committed blob files. Read permissions should be controlled by existing mechanisms such as umask. So changing the creation mode for folders to 755 and for blobs to 444 would be the solution then. right? No. Use the default mode for folders and files, but removing write access on committed blob files. Has this a chance to get into the next ZODB release? Of course, but it's not a priority for me personally. I'd be happy to review a patch with tests. I'd even consider this a bug fix, rather than a feature, so it could get into a 3.10 release. Jim -- Jim Fulton http://www.linkedin.com/in/jimfulton ___ Zope-Dev maillist - Zope-Dev@zope.org https://mail.zope.org/mailman/listinfo/zope-dev ** No cross posts or HTML encoding! ** (Related lists - https://mail.zope.org/mailman/listinfo/zope-announce https://mail.zope.org/mailman/listinfo/zope )