LSTSRV-L Archives

LISTSERV Site Administrators' Forum

Eric Thomas <[log in to unmask]>
Sun, 29 Jun 1997 16:12:22 +0200
On Sun, 29 Jun 1997 10:02:07 -0400 David R Nessl <[log in to unmask]> said:

>The technical  problem in  Unix is  symlinks: a  clever user  could move
>their /u/username/list-archives  directory to  another place  and create
>the symlink /u/username/list-archives -> newplace.

That assumes  the user owns another  directory on the system  that is not
within the  /u/username tree, which on  a normal system would  not be the
case. There will  always be idiots using /tmp for  this purpose, but they
will quickly  learn that there are,  er, drawbacks :-) As  for people who
allow world write to their directories  and files or use their userid for
password, they shouldn't be surprised  if other people are pirating their
directories and loading their bills.

>Then, LISTSERV's  archive writing  would still work  but the  `chown -R`
>would not.

Just write your own program that traverses symbolic links, it should take
about  30 min.  If you  don't want  local code,  I suspect  that security
add-ons exist for AIX which give  you ACLs and in general greater control
over file ownership and security. An even simpler alternative would be to
put the per-user directory somewhere that  the users can't access at all.
It  is actually  a very  bad idea  to put  these files  under a  Joe User
directory where they can be manipulated  randomly by someone who does not
necessarily  understand what  these  files  are for  and  how they  work.
LISTSERV assumes  that the files are  not being tampered with  by a third
party while it uses them. I'll bet a large sum that the average user will
assume that the digest file is  here to be freely edited without worries,
that these  weird large unprintable  dbwhatever files are designed  to be
removed so you can save disk space, and that the other log files can also
be edited freely and without precaution. Then you'll be wondering why you
get strange errors in  your LISTSERV log :-) I just  don't see any reason
to give users a free run on these files.

>Because of  our widespread use  of sub-lists, *not* having  recursion is
>counter-intuitive to our users!

Maybe but I think this is specific to UFL :-)

  Eric
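
The check below is an added example, not part of the original post and not LISTSERV code: a read-only audit of a per-user archive directory that reports what the thread says `chown -R` would miss, namely symlinks (including the archive directory itself) and where they resolve, plus entries not owned by the expected uid. The function name, issue labels and the sample file name are assumptions made for the illustration.

```python
import os
import tempfile

def audit_archive_dir(archive_dir, home, expected_uid):
    """Return (path, issue) pairs: symlinks, classified by where they resolve
    relative to `home`, and entries not owned by expected_uid. Read-only."""
    home_real = os.path.realpath(home)
    findings = []

    def check(path):
        st = os.lstat(path)                      # lstat: inspect the link itself
        if os.path.islink(path):
            target = os.path.realpath(path)      # resolve every link in the chain
            inside = os.path.commonpath([home_real, target]) == home_real
            findings.append((path, "symlink-inside-home" if inside
                                   else "symlink-escapes-home"))
        elif st.st_uid != expected_uid:
            findings.append((path, "wrong-owner"))

    check(archive_dir)                           # the case raised in the thread
    # followlinks=False: symlinked subdirectories are reported, never entered
    for dirpath, dirnames, filenames in os.walk(archive_dir, followlinks=False):
        for name in dirnames + filenames:
            check(os.path.join(dirpath, name))
    return findings

def demo():
    """Constructed layout: list-archives was moved and replaced by a symlink."""
    base = os.path.realpath(tempfile.mkdtemp())
    home = os.path.join(base, "u", "username")
    newplace = os.path.join(base, "newplace")
    os.makedirs(home)
    os.makedirs(os.path.join(newplace, "sublist"))
    open(os.path.join(newplace, "mylist.log9706"), "w").close()  # constructed name
    archive = os.path.join(home, "list-archives")
    os.symlink(newplace, archive)                # list-archives -> newplace
    return archive, home, audit_archive_dir(archive, home, os.getuid())

if __name__ == "__main__":
    for path, issue in demo()[2]:
        print(issue, path)
```

Run it as the account that is supposed to own the archives and treat any "symlink-escapes-home" result as a reason to stop before changing ownership, since the link target is under the user's control.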
