[Zope] [PATCH] dtml-comment doesn't? Please fix... ;-)

2000-09-07 Thread Kip Rugger
Andrew Kenneth Milton [EMAIL PROTECTED] wrote: +---[ Kip Rugger ]-- | | [snip] | | dtml-if "0" | crap | more crap | dtml-if "0" | Lots of crap | /dtml-if | /dtml-if | | by analogy with the common practice of #if 0 in C Won't work, the container

Re: [Zope] supplemental group ids (Linux)

2000-09-06 Thread Kip Rugger
OK, something is not quite right here. On my unmodified zope, it is properly 'sandboxed'. Perhaps it is the use of the explicit '-u nobody'? I don't do that on my system, which causes Zope to run as nobody implicitly. (When started as root, unless told otherwise, zope will switch to nobody).

Re: [Zope] supplemental group ids (Linux)

2000-09-05 Thread Kip Rugger
Bill Anderson [EMAIL PROTECTED] wrote: Kip Rugger wrote: Chris McDonough [EMAIL PROTECTED] wrote: Aplogies for the ignorance, but can you maybe explain the concept of supplemental group ids and give an example of how the current unpatched behavior could be subverted? I can try

Re: [Zope] supplemental group ids (Linux)

2000-09-05 Thread Kip Rugger
Andrew Kenneth Milton [EMAIL PROTECTED] wrote: | I saw this on Linux; supplemental groups come from the BSD tradition, | so you likely will find the same situation on *BSD, Solaris, etc. Sorry I missed the start of the thread, but, I can weigh in on this point. Using -u user under FreeBSD

Re: [Zope] supplemental group ids (Linux)

2000-09-04 Thread Kip Rugger
Chris McDonough [EMAIL PROTECTED] wrote: Aplogies for the ignorance, but can you maybe explain the concept of supplemental group ids and give an example of how the current unpatched behavior could be subverted? I can try... Supplemental gids are useful for allowing a user to belong to more