22 Nov
2002
22 Nov
'02
6:59 p.m.
Wei He writes:
... I have an idea, but don't know whether it is possible: set uid.
If there is a way Zope server can change uid to a predefined one before accessing an externally linked file, each webmaster will have permission to their own home directory plus some shared directories to which all webmasters have permission. Forget about this in a multi-threaded process (with almost independent threads).
The "uid/gid" are process global things. Interesting things happen when threads asynchronously change it. In order to be able to switch users, Zope must run with "root" privileges -- a huge security risk.
Then I can create system accounts for each webmaster, Give each webmaster its own Zope process.
Dieter