[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [leafnode-list] File mode in spool area

On Thu, 18 Apr 2002, Matthias Andree wrote:

> [...] Leafnode 2 enforces stricter permissions.

> > Are there any reasons to not have the spool area readable? (If someone is
> > posting to news, I have no problem with the outgoing.messages being world
> > readable.)

> Yes. leafnode 2 supports local group and will at some time in the future
> support access restrictions to groups, and in order not to have them
> circumvented, and because the spool format is not exactly stable, I
> enforce access through NNTP and leafnode, forbidding direct spool
> access.

Makes sense.

> Sorry for the inconvenience.

How about a mask of 024, so that the files are readable by group news.
That way, I can make the script that I have run sgid news and still under
the invokers uid. And the files are still only readable by news and root.

This isn't a big deal.  I don't need to run GroupSTAT, and if I did, I
could always have it do its business over NNTP, but with the spool in
place it seems a pity to duplicate so much data, even if temporarily.
GroupSTAT uses the perl module News::Scan to read the spool.


Jeffrey Goldberg                            http://www.goldmark.org/jeff/
Relativism is the triumph of authority over truth, convention over justice

leafnode-list@xxxxxxxxxxxxxxxxxxxxxxxxxxxx -- mailing list for leafnode
To unsubscribe, send mail with "unsubscribe" in the subject to the list