
RE: [leafnode-list] /var/spool/news/* permissions issue (more)



>> I am working on Leafwa (Leafnode Web Administrator) utilities
>> that can be used to manage local newsgroups.  We allow the 
>> creation/deletion of new local groups via Leafwa, and further,
>> allow an admin to delete messages that have been previously 
>> posted.  Currently, I am completing a script to allow an admin
>> to move messages from one group to another with the option of
>> also being able to cross-post an article that was not 
>> originally cross-posted.
> 
> Bad idea, that article can be forwarded by news, but anyhow, 
> your point is valid, the permissions should only be tampered 
> with at the very first install.

Noted.  These functions are for local groups only.  I think that
my concept is sound so I'll try to elaborate on the logic to
help me change my mind if you still feel the same way.

When you say that news can forward it, I presume that you mean I
can "forward" it from the reader.  I think this affects the message
author and time/date stamp headers, threading, etc.  If this is 
not what you mean, then I'd be very much interested in existing 
leafnode mechanisms to move articles.

Bear in mind that these are local groups only.  Our organization
used news as a way of archiving technical discussions that are
relevant to our operation.  We don't want to create a zillion
specific newsgroups and have them all sparsely populated, so
we created groups with more generic topics.  Down the road,
through usage we see that one thread of topics is prevalent
enough to have its own forum.  At that point, we decide to
create a new group and want to move the messages to the new
group with date/author intact.  As I understand it, 
forwarding modifies the headers.  We want to preserve
that record when we re-organize our groups.

The cross-posting issue is similar.  A message may be seen to be
applicable to more groups as the local news group list fragments
into smaller topic domains.  Again, I want to cross-post the 
message while leaving the author/timestamp headers intact.

I am not aware of how to do this through my reader.  (Company
standard is ummm... Outlook Express).

>> At this point, since there is released software that resets 
>> file tree permissions behind my back, I am pretty much forced
>> to deal with it some other way, but, I am curious about the 
>> rationale behind doing such a thing.
> 
> You know "Programming Perl"? Read the chapter on efficiency, it has a
> section on programmer efficiency. That's what it has been: my
> convenience. I never bothered considering that behaviour, because
> basically, the tree is leafnode's, but still, your point holds.

:-) Maybe I ought to read it, but, I already understand the concept,
especially if you didn't author the package in the first place...
Sorry, I suppose my comment did sound more personal than I meant it.

>> I suppose I can run Leafwa as news, but, I was hoping to be 
>> able to just authenticate users that belonged to the group news.
>> I can't really do this since group membership does not provide 
>> rights sufficient to chmod g+w the news file tree.
> 
> Evidently not. I will change leafnode to only refuse to work if 
> any of these directories are world writable and let the user fix 
> that instead.
> 
>> I was hoping to have debug and failsafe data thrown into 
>> the various directories where edits were made rather than
>> have to create a separate /var/spool/news/leafwa directory,
>> for example, where I would have to maintain a wholly separate
>> file tree.
> 
> If you need your own private directory for leafwa, go ahead, 
> that's fine, but please do use a dot in the file name, anywhere,
> like /var/spool/news/leaf.wa or place your directory below
> /var/spool/news/leaf.node. Upcoming changes to texpire might otherwise
> wipe your directory. It's a trait of the newsgroup mapping that news
> group directories will NEVER have a dot in their name, because that
> newsgroup dot is converted to a slash, descending the directory
> structure. So if you want something that texpire will not ever touch,
> use a dot.

Thank you very much for this bit of advice!  I would have had no idea
about this...

>> Conceptually, this kind of data could go to /tmp also, but, this is
>> also a lot less useful to the developer or to an admin that may need
>> this data.
> 
> Don't use /tmp unless you want to go to lengths to evade race attacks.

:-) More gems... I confess that I am not well versed in the attack
avoidance tactics.  Thank you again.  I do place a fairly high
priority on trying to keep my stuff safe...
 
>> If I need to be educated on the etiquette of how to use 
>> another apps directories, please feel free to offer up some
>> suggestions.
> 
> No need to fear etiquette violations. I just have to admit I never
> tried leafwa.

:-) Thanks for the assurance.  I don't know how prevalent use of
local groups is.  I am only involved in leafwa because I used it
as a shell to hang extra functionality off of.  It helps me better
support our use of local groups.  If it weren't for this, I wouldn't
use leafwa myself.  After doing the work, I offered it to Phil (the
author), and he suggested that I go ahead and work with the local 
groups side of things since he didn't use local groups either.
 
>  
> Matthias Andree
> 

--- 
Kevin R. Bulgrien, Engineer
Mailto:kbulgrien@xxxxxxxx

Vertex RSI, A TriPoint Global Company         http://www.tripointglobal.com/
Controls & Structures Division 
1915 Harrison Road                                    Tel: 903-295-1480 x288
Longview, TX 75604-5438                               Fax: 903-295-1479

-- 
leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list
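
The three points raised in this thread (refuse to work when spool directories are world-writable, keep private data in a dot-named directory that cannot map to a newsgroup, and avoid the races that come with /tmp) are combined in the sketch below. It is an added example, not leafnode or Leafwa code; the function names are hypothetical, and it assumes a POSIX system and checks only directories at or below the spool path it is given.

```python
import os
import stat

def world_writable_dirs(spool):
    """Directories at or below spool that anyone may write to."""
    bad = []
    for root, _dirs, _files in os.walk(spool):  # does not follow symlinks
        if os.lstat(root).st_mode & stat.S_IWOTH:
            bad.append(root)
    return sorted(bad)

def make_private_dir(spool, name="leaf.wa"):
    """Create (or re-validate) a dot-named private directory in the spool."""
    # Newsgroup dots become slashes on disk, so a group directory never
    # contains a dot; a dotted name cannot collide with one.
    if "." not in name or os.sep in name:
        raise ValueError("directory name must be a single component with a dot")
    if world_writable_dirs(spool):
        raise PermissionError("spool contains world-writable directories")
    path = os.path.join(spool, name)
    try:
        os.mkdir(path, 0o700)
    except FileExistsError:
        st = os.lstat(path)  # lstat: a planted symlink is not a directory
        if (not stat.S_ISDIR(st.st_mode) or st.st_uid != os.geteuid()
                or st.st_mode & stat.S_IWOTH):
            raise PermissionError(path + " exists but is not a private directory we own")
    return path

def write_debug_file(directory, filename, data):
    """Create a new file; never reuse or follow a name that already exists."""
    # O_EXCL makes creation atomic and fails on any existing name,
    # including a symlink someone placed there first.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    target = os.path.join(directory, filename)
    fd = os.open(target, flags, 0o600)
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return target
```
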