[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [leafnode-list] /var/spool/news/* permissions issue (more)
"Bulgrien, Kevin" <Kevin.Bulgrien@xxxxxxxxxxxxxxxxxx> writes:
> I am working on Leafwa (Leafnode Web Administrator) utilities that can be
> used to manage local newsgroups. We allow the creation/deletion of new
> local groups via Leafwa, and further, allow an admin to delete messages
> that have been previously posted. Currently, I am completing a script to
> allow an admin to move messages from one group to another with the option
> of also being able to cross-post an article that was not originally
> cross-posted.
Bad idea, that article can be forwarded by news, but anyhow, your point
is valid, the permissions should only be tampered with at the very first
install.
> At this point, since there is released software that resets file tree
> permissions behind my back, I am pretty much forced to deal with it some
> other way, but, I am curious about the rationale behind doing such a
> thing.
You know "Programming Perl"? Read the chapter on efficiency, it has a
section on programmer efficiency. That's what it has been: my
convenience. I never bothered considering that behaviour, because
basically, the tree is leafnode's, but still, your point holds.
> I suppose I can run Leafwa as news, but, I was hoping to be able to just
> authenticate users that belonged to the group news. I can't really do
> this since group membership does not provide rights sufficient to
> chmod g+w the news file tree.
Evidently not. I will change leafnode to only refuse to work if any of
these directories are world writable and let the user fix that instead.
> I was hoping to have debug and failsafe data thrown into the various
> directories where edits were made rather than have to create a separate
> /var/spool/news/leafwa directory, for example, where I would have to
> maintain
> a wholly separate file tree.
If you need an own private directory for leafwa, go ahead, that's fine,
but please do use a dot in the file name, anywhere, like
/var/spool/news/leaf.wa or place your directory below
/var/spool/news/leaf.node. Upcoming changes to texpire might otherwise
wipe your directory. It's a trait of the newsgroup mapping that news
group directories will NEVER have a dot in their name, because that
newsgroup dot is converted to a slash, descending the directory
structure. So if you want something that texpire will not ever touch,
use a dot.
> Conceptually, this kind of data could go to /tmp also, but, this is
> also a lot less useful to the developer or to an admin that may need
> this data.
Don't use /tmp unless you want to go lengths to evade race attacks.
> If I need to be educated on the ettiquette of how to use another apps
> directories, please feel free to offer up some suggestions.
No need to fear ettiquette violations. I just have to admit I never
tried leafwa.
--
Matthias Andree
GPG encrypted mail welcome, unless it's unsolicited commercial email.
--
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list