LISTSERV - LSTSRV-L Archives - COMMUNITY.EMAILOGY.COM

LSTSRV-L Archives

LISTSERV Site Administrators' Forum

LSTSRV-L

	LISTSERV Archives
	LSTSRV-L Home

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Topic:	[<< First] [< Prev] [Next >] [Last >>]

Re: Permissions

Peter 'Rattacresh' Backes <[log in to unmask]>

Wed, 5 Jul 2000 20:14:23 +0200

text/plain (40 lines)

> Not to start an argument but concretely if you have created the
> LSVROOT directory with, say, permissions 700 (drwx------) and
> ownership by 'listserv', nobody but 'root' or 'listserv' should
> be able to read files in that directory to begin with.

Yes, I understand, but I want my local users to be able to read/copy
the memos in the home directory and to get files from the LISTSERV
file server this way.  Some subdirectories are also writeable by
certain users, so they can update their non-ascii files (files that
can't be stored using a PUT job).  Because my local users need the
files on the file server very often, allowing them to use ftp and cd
to the appropriate LISTSERV directory to download them leads to a
notable decrease of sendmail/LISTSERV and finally system load.
(Remember that binary files sent via base64 encoded mail are 3/2 of
the actual size.)  Of course I could have these directories outside
the LSVROOT directory, but I want at least the list notebooks to be
under the hierarchy that is recommended in the manual.  The free LITE
version doesn't have database functionality, so my users like to use
grep instead.

> Are you
> saying you've opened up the LSVROOT directory to all and sundry?

This one only for reading of course.  A good UNIX program generally
sets appropriatle file permissions when it creates a file.  I know,
LISTSERV is a VM port; but I just want to make some suggestions.  As
I am currently only using the free LITE version, I don't expect
anything of it to be considered or even to be implemented.  However
if there's some time left on your schedule, Eric or someone else
could check the open function calls which create files with
confidential content and add a creation mode of '600'.  At least on
the list and the signup files.  Or does the UNIX port still use
PASCAL&Rexx instead of C?  I personally am using a heavily modified
'go' script which also fixes the logfile permission problem.  If
someone wants to have it, please send a short request.  If there's a
general need for it, I can post it here.

-- Peter 'Rattacresh' Backes, [log in to unmask]
   TURN OFF AUTO-QUOTING OF THE WHOLE TEXT IF YOU REPLY!!!

ATOM RSS1 RSS2

COMMUNITY.EMAILOGY.COM