[Zope] Re: installation security best practice question
Tres Seaver
tseaver at palladion.com
Tue Mar 14 08:45:04 EST 2006
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
JulianRead wrote:
> I have tried this method i have made a zope instance as a dedicated user the
> owner of this file is that of the dedicated user.
>
> when i go to run zope as this user i get an error message saying that there
> is an error opening a file in the install directory ( not the zope instance)
> if i change the permssions on that file i get an error saying that there is
> an error opening another file (in the install directory).
>
> any ideas how i can avoid this.
The Zope user needs to be able to read every file under the install
directory. Those files are "software", and should be safe to make world
readable, e.g.:
# chmod -R a+r /path/to/installed/zope
The Zope user needs *write* access only into the 'var' and 'log'
subdirectories of the instance, but must have read access to the whole
instance.
Tres.
- --
===================================================================
Tres Seaver +1 202-558-7113 tseaver at palladion.com
Palladion Software "Excellence by Design" http://palladion.com
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFEFsjg+gerLs4ltQ4RAsUoAJ9KQgxtYKqMyTFwX6HeF2rYbGavvQCfcwGq
SJPdrmowKRyb8dUNyCihCCo=
=0RLo
-----END PGP SIGNATURE-----
More information about the Zope
mailing list