Robert Nagle wrote:
When adding new products to the install directory, what permission should the new files and directory be?
Directories and files should only be readable by the zope process. Given that, the norm is to let directories be 0755 and files 0644, ownership of root:root unless system policies dictate otherwise. Frequently system policies will allocate a group for the management of Zope products, extensions, etc. Under those circumstances its not uncommon to see ownership of root:staff where staff is the group name given to the zope managers, and directory modes to be 02775 allowing for staff members to administrate an instance's products. IOW, permissions and ownership are whatever they need to be, but the zope process needn't (and shouldn't) have write access to any of it. -- Jamie Heilman http://audible.transient.net/~jamie/ "...thats the metaphorical equivalent of flopping your wedding tackle into a lion's mouth and flicking his lovespuds with a wet towel, pure insanity..." -Rimmer