[Zope-dev] Problem in ZGadflyDA/__init__.py
Tres Seaver
tseaver@palladion.com
Mon, 10 Apr 2000 23:58:59 -0500
Gregor Hoffleit <flight@hoffleit.de>
> To: Jim Fulton <jim@digicool.com>, zope-dev@zope.org
> Subject:
>
> There's a small but sometimes fatal problem in ZGadflyDA/__init__.py:
>
> __init__.py currently checks for the presence of a gadfly directory in
> Zope's var directory, and creates it if it's not yet there:
>
> j=os.path.join
> d=j(j(INSTANCE_HOME,'var'),'gadfly')
> if not os.path.exists(d):
> os.mkdir(d)
> os.mkdir(j(d,'demo'))
>
> Now if you start up z2.py as root, since __init__.py is called *before*
> z2.py tries to setuid/setgid, the gadfly directory will be created with the
> original uid and gid, i.e. root.
>
> Depending on the umask, this leaves the Zope process with insufficient
> permissions to access the gadfly directory.
>
> The suggested change is easy: Similar code is already in ZGadflyDA/db.py, so
> it should be safe to remove the lines above from ZGadflyDA/__init__.py.
So that we don't lose it in the list, please submit this change as a
"bug-with-patch" to the Collector:
http://classic.zope.org:8080/Collector/developer_input
Thanks!
Tres.
--
=========================================================
Tres Seaver tseaver@digicool.com tseaver@palladion.com