16 May
2003
16 May
'03
5:30 p.m.
Hey Guys, Got some angst about permissions on the server we have Zope installed on. Up to now, world has had read access to the entire Zope tree. We need to turn that off since there are users that can access this server that should not be allowed to peruse the Python code we've been writing. However, the only immediate alternative seems to be to add Apache to the "Zopeadmins" group we have, but that has read-write, and letting Apache have write is a potential security hazard. Can anyone with greater knowledge of the interaction of Zope and Apache tell me if I can be more selective about my permissions? And, more generally, how have other people solved these problems? Edward