12 Jun
2002
12 Jun
'02
7 p.m.
At 03:17 PM 6/11/2002 +0200, Milos Prudek wrote:
Crontab entry :-) # at 1:30am, Tuesday - Saturday, backup Zope, save export file to ~root/ 30 1 * * 2-6 root wget -O ~root/zopebak.zexp "http://zopehost:8080/manage_exportObject?download:int=1"
This requires giving anonymous access to manage_exportObject at root level, doesn't it?
Please forgive me if I overlooked something obvious, but it looks like any cracker may download your whole Zope simply by visiting "www.yoursite.com/manage_exportObject?download:int=1"
You are correct, unless you happen to have a .wgetrc file, owned by root.root, with 0600 perms, containing: http_user = someuser http_passwd = ********** :-) Adam