On Sun, Mar 25, 2001 at 04:05:47PM -0500, ghaley@mail.venaca.com wrote:
make sure the /opt/zope/ directory and all its subdirectories have owner and group set to nobody.nobody (you can do this in a single command: chown -R nobody.nobody /opt/zope/ ).
Assuming /opt/zope is the Zope installation directory... This is bad advice. At most, make var/ and the files in it owned by nobody.nobody, so that the Zope process can write there. Zope executables and Python programs should not be writeable by the process executing off them. A bug or a security vulnerability (IOW, a bug with security implications) may permit an intruder to write to inituser/access or do other nasty stuff TTW, if the Zope process can write to those files. -- Ng Pheng Siong <ngps@post1.com> * http://www.post1.com/home/ngps