On 26 Mar 2001 11:43:39 -0500, ghaley@mail.venaca.com wrote:
Assuming /opt/zope is the Zope installation directory...
This is bad advice. At most, make var/ and the files in it owned by nobody.nobody, so that the Zope process can write there.
Zope executables and Python programs should not be writeable by the process executing off them. A bug or a security vulnerability (IOW, a bug with security implications) may permit an intruder to write to inituser/access or do other nasty stuff TTW, if the Zope process can write to those files.
thanks for the warning, though our sysadmin was not even aware of it (and he is the most paranoid person i know!). so, let's take a general /opt/zope directory, where you will have.
Make all zope files owned by root with a few exceptions: access/inituser Data.fs log files These should be owned and r/w by nobody, or whomever you run Zope as. All other files should be writable by root, but none other. The principle here is the least opportunity. Don't allow a process that is started as root, to write to it's own executable files. Give publicly accesible daemons/servers the bare minumum they need to run, and don't allow others those permissions either. Bill