[ZWeb] Zope.org feedback: UNIX Zope security patches
Julio Silva
jsilva@ruido-visual.pt
Thu, 24 Jan 2002 16:25:13 -0500
Hi Matt,
I'm not a unix permissions guru, far from that but I have
a question for you:
I agree on NOT running zope with nobody and instead use
a dedicated user, for instance, zope.
Now regarding all the other subjects your Zope UNIX security patch addresses namely the ones related to the
read/write access to some files in var like the ones
that are created when a zodb pack is made and the z2.pid:
Isnt more simple to, for instance, install zope in
/usr/local/zope and give this directory "zope" the following
permissions:
drwxrwx--- 5 zope zope 1024 Jan 11 20:34 zope
I think this solves all problems related to other users
access to z2.pid, Data.fs.old, etc files.
But then again unix security is not my zen.
Thanx for any comments,
Júlio Silva
----------------------------------------------------------
This email was generated from the Zope.org feedback form
It was invoked from a link on http://www.zope.org/Members/zigg/UnixSecurityPatch