> > There... does that almost make sense? > > No, it makes TOO much sense. I'm trying to build a cgi script to webify my > pending messages and let me manipulate them with the mouse button. However, > I'm having some trouble.... <duh> > > It turns out that tmda-pending is trying to read the pending directory and > the files in it. Presumably, it will want to write there as well.
I'm not sure. My hunch is that it primarily needs to read and delete. But the permission to delete is equivalent to the permission to write. > But it's trying to do it as the web server user, apache. So, to make > it work, I've had to do chmod 666 on ~/.tmda/pending/* and > .delivered_cache. Now I know there are some security implications > here.... What are they? Good question. Might increase the importance of using http authentication, at least. > And newly blocked messages won't get the right permissions. > > How do I fix this? Just a couple messages ago on this list, something was mentioned about the umask.os setting... for unrelated subject matter. I've already tossed it. It also might help to make the primary apache group and the primary user's group the same... or add the apache user to the group that naturally is associated with those .msg files. Doesn't help the security risk, but might solve the "apache can't delete it" problem. --KDO _____________________________________________ tmda-users mailing list ([EMAIL PROTECTED]) http://tmda.net/lists/listinfo/tmda-users
