[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [leafnode-list] leafnode 2.0b8_ma9rc2 creates article files

To: leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx
Subject: Re: [leafnode-list] leafnode 2.0b8_ma9rc2 creates article files
From: Matthias Andree <ma@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>
Date: by mail-ob (mbox f11350)(with Cubic Circle's cucipop (v1.31 1998/05/13) Mon Jan 14 07:04:38 2002)

<Andreas.Karrer@xxxxxxxxxxxxxxx> writes:

> It seems that since 2.0b8_ma8 or even before, leafnode(fetchnews) uses
> mkstemp() to create article files. On systems with glibc 2.0.7 and newer,
> the resulting file will be mode 0600.

It will be on any system, because I have an umask-wrapper for mkstemp.

> I cannot readily see a reason why article files should be
>world-unreadable. I, for one, would like to be able to grep the spool
>every now and then without su-ing to the news spool owner (for me, this
>is one of the main reason to use leafnode in the first place).

I can.

1- There have always been feature requests to restrict group access,
e. g. for children (which may then have access to Pokémon fan groups,
but not to adult stuff), and I want other parts of the infrastructure to
be in place by that time.

2- In the long run, leafnode may migrate away from the traditional spool
for efficiency reasons, especially high-traffic groups or group with
long expiry periods hog down leafnode quite heftily on traditional file
systems, like old UFS or ext2 implementations. In that case, we don't
want bad surprises.

3- In the short run, leafnode may already prepare the articles in NNTP
format to feed them out via mmap or sendfile rather than read/write
loops, and in that case, the articles would have their dots already
escaped, making the articles unsuitable for direct spool access.

> I'd suggest to introduce a constant
>   #define ARTICLE_MODE 0664
> (similar to MKDIR_MODE) in leafnode.h, and a chmod() either after the
> mkstemp() or after the link in message.id or the one in the spool
> directoy(ies) is made.

That collides with future plans, as laid out above, so I'd rather have
this default to 0600 or 0660 or something, and let the person who
installs leafnode switch this to 0664 as desired.

-- 
Matthias Andree

"They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety."         Benjamin Franklin

-- 
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list

Prev by Date: Re: [leafnode-list] Reading local spoled news without subscribing
Next by Date: [leafnode-list] Nemesis is back
Previous by thread: Re: [leafnode-list] Reading local spoled news without subscribin
Next by thread: [leafnode-list] Nemesis is back
Index(es):
- Date
- Thread