Bug#726187: [pkg-horde] Bug#726187: Bug#726187: Provice empty conf.php and conf.bak.php (writeable for ww-data)
2013/10/31 Mike Gabriel mike.gabr...@das-netzwerkteam.de: Hi Mathieu, [...] I still lack commit access to pkg-horde on Alioth. Strange. You (login=sunweaver?) are in the pkg-horde group on git.debian.org (vasks) and all the git dirs are writable by this group. The two files look grear. In README.Debian I would make it clear that there are three different ways to configure Horde. You use 1. ..., 2. ..., 3. ... . This enumeration alludes that you have to apply step 1 - 2 - 3 to the Horde setup. It could be clearer that you have three alternatives. Maybe its more evident when changing the enumeration into an itemization. (?) Yes. And english may probably be improved. Can you try again to push your changes? Cheers, Mathieu -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#726187: [pkg-horde] Bug#726187: Bug#726187: Provice empty conf.php and conf.bak.php (writeable for ww-data)
Control: tag -1 + pending - wontfix 2013/10/25 Mathieu Parent math.par...@gmail.com: [...] So the ReADME will look like: [...] initial implementation is now in git. See: - http://anonscm.debian.org/gitweb/?p=pkg-horde/PEAR/php-horde.git;a=blob;f=debian/README.Debian - http://anonscm.debian.org/gitweb/?p=pkg-horde/PEAR/php-horde.git;a=blob;f=debian/horde-writable-config Feel free to amend before I upload. Cheers -- Mathieu -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#726187: [pkg-horde] Bug#726187: Bug#726187: Provice empty conf.php and conf.bak.php (writeable for ww-data)
Hi Mathieu, On Do 31 Okt 2013 18:51:08 CET, Mathieu Parent wrote: Control: tag -1 + pending - wontfix 2013/10/25 Mathieu Parent math.par...@gmail.com: [...] So the ReADME will look like: [...] initial implementation is now in git. See: - http://anonscm.debian.org/gitweb/?p=pkg-horde/PEAR/php-horde.git;a=blob;f=debian/README.Debian - http://anonscm.debian.org/gitweb/?p=pkg-horde/PEAR/php-horde.git;a=blob;f=debian/horde-writable-config Feel free to amend before I upload. Cheers I still lack commit access to pkg-horde on Alioth. The two files look grear. In README.Debian I would make it clear that there are three different ways to configure Horde. You use 1. ..., 2. ..., 3. ... . This enumeration alludes that you have to apply step 1 - 2 - 3 to the Horde setup. It could be clearer that you have three alternatives. Maybe its more evident when changing the enumeration into an itemization. (?) Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb binlaVEzwwbK3.bin Description: Öffentlicher PGP-Schlüssel pgppx_0Oit9e2.pgp Description: Digitale PGP-Signatur
Bug#726187: [pkg-horde] Bug#726187: Bug#726187: Provice empty conf.php and conf.bak.php (writeable for ww-data)
Hi Matthieu, On Mi 23 Okt 2013 15:37:46 CEST, Mathieu Parent wrote: 2013/10/22 Mathieu Parent math.par...@gmail.com: Control: tag -1 + wontfix 2013/10/13 Mike Gabriel mike.gabr...@das-netzwerkteam.de: Package: php-horde Version: 5.1.4+debian0-1 To allow editing the Horde configuration administratively, two files need to be present in /etc/horde/horde. conf.php conf.bak.php Both files have to be writable by user www-data. I don't want this because this is a security hole IMO. But, I welcome a patch to: - create those files owned by root - improve the documentation (README.Debian) Thinking a bit more. I propose to not create those 2 empty files. And to write a README.Debian file mentioning the three ways to configure Horde: - 1. Installaing a bundle [1] (php-horde-webmail or -groupware) and running the included script (webmail-install or groupware-), or Will these scripts then provide the empty conf.*php files? - 2. configuring thru the web interface + download + chown root + chmod That is really awkward (copy+pasting conf files from the webbrowser to the file system). - 3. creating those 2 files + chown ww-data + configuring thru the web interface My favourite would be, to provide conf.php and conf.bak.php in the webmail-/groupware-install scripts. Actually, we could add a query if the admin wants to create those files or not. What do you think? Mike, don't hesitate to directly commit to git. I have just applied for membership in pkg-horde on Alioth. Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb bin9lcKWHt3O2.bin Description: Öffentlicher PGP-Schlüssel pgpmqOmTgioBX.pgp Description: Digitale PGP-Signatur
Bug#726187: [pkg-horde] Bug#726187: Bug#726187: Provice empty conf.php and conf.bak.php (writeable for ww-data)
Mike, 2013/10/25 Mike Gabriel mike.gabr...@das-netzwerkteam.de: [...] - 1. Installaing a bundle [1] (php-horde-webmail or -groupware) and running the included script (webmail-install or groupware-), or Will these scripts then provide the empty conf.*php files? They will provided *filled in* configuration. - 2. configuring thru the web interface + download + chown root + chmod That is really awkward (copy+pasting conf files from the webbrowser to the file system). This is not copy-pasting but download + scp. I agree this is awkward. We can put 3 before 2. - 3. creating those 2 files + chown ww-data + configuring thru the web interface My favourite would be, to provide conf.php and conf.bak.php in the webmail-/groupware-install scripts. Actually, we could add a query if the admin wants to create those files or not. What do you think? webmail-/groupware-install are upstream scripts. Maybe we can provide our own script (horde-writeable-config or something) that touch and make writable all those files (in every app)? So the ReADME will look like: - 1. Installaing a bundle [1] (php-horde-webmail or -groupware) and running the included script (webmail-install or groupware-) ; or - 2. creating those 2 files per app owned by ww-data (done with the horde-writeable-config script) and configuring thru the web interface ; or - 3. configuring thru the web interface + download + chown root + chmod Mike, don't hesitate to directly commit to git. I have just applied for membership in pkg-horde on Alioth. Great! -- Mathieu -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#726187: [pkg-horde] Bug#726187: Provice empty conf.php and conf.bak.php (writeable for ww-data)
2013/10/22 Mathieu Parent math.par...@gmail.com: Control: tag -1 + wontfix 2013/10/13 Mike Gabriel mike.gabr...@das-netzwerkteam.de: Package: php-horde Version: 5.1.4+debian0-1 To allow editing the Horde configuration administratively, two files need to be present in /etc/horde/horde. conf.php conf.bak.php Both files have to be writable by user www-data. I don't want this because this is a security hole IMO. But, I welcome a patch to: - create those files owned by root - improve the documentation (README.Debian) Thinking a bit more. I propose to not create those 2 empty files. And to write a README.Debian file mentioning the three ways to configure Horde: - 1. Installaing a bundle [1] (php-horde-webmail or -groupware) and running the included script (webmail-install or groupware-), or - 2. configuring thru the web interface + download + chown root + chmod - 3. creating those 2 files + chown ww-data + configuring thru the web interface Mike, don't hesitate to directly commit to git. [1]: http://packages.debian.org/sid/horde-bundle Cheers, -- Mathieu -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#726187: [pkg-horde] Bug#726187: Provice empty conf.php and conf.bak.php (writeable for ww-data)
Control: tag -1 + wontfix 2013/10/13 Mike Gabriel mike.gabr...@das-netzwerkteam.de: Package: php-horde Version: 5.1.4+debian0-1 To allow editing the Horde configuration administratively, two files need to be present in /etc/horde/horde. conf.php conf.bak.php Both files have to be writable by user www-data. I don't want this because this is a security hole IMO. But, I welcome a patch to: - create those files owned by root - improve the documentation (README.Debian) Regards -- Mathieu -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of unsubscribe. Trouble? Contact listmas...@lists.debian.org
Bug#726187: Provice empty conf.php and conf.bak.php (writeable for ww-data)
Package: php-horde Version: 5.1.4+debian0-1 To allow editing the Horde configuration administratively, two files need to be present in /etc/horde/horde. conf.php conf.bak.php Both files have to be writable by user www-data. Mike -- DAS-NETZWERKTEAM mike gabriel, herweg 7, 24357 fleckeby fon: +49 (1520) 1976 148 GnuPG Key ID 0x25771B31 mail: mike.gabr...@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb binZwVszrAe4N.bin Description: Öffentlicher PGP-Schlüssel pgp929rznCU2Z.pgp Description: Digitale PGP-Signatur