[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] alias :include: SOLVED

Subject: Re: [cobalt-users] alias :include: SOLVED
From: Jeff Lasman <jblists@xxxxxxxxxxxxx>
Date: Mon Jan 10 10:50:23 2000

At 01:22 PM 1/9/00  Steven Werby wrote:

********************
I also tried putting mylist in /home/sites/siteX/lists, but I got:
550 :include:/home/sites/siteX/lists/mylist...
Cannot open /home/sites/siteX/lists/mylist: Group writable directory
554 <mylist@mydomain>... aliasing/forwarding loop broken

Odd.  /home/sites/siteX/lists is 755 (no group write access).  It wasn't
intuitive to me why I could have an include in /home/majordomo/lists, and
/home, but not in /home/sites/siteX/lists so I did some more testing.  I
decided to change the permissions on /home/sites/siteX from drwxrwsr-x to
drwxr-xr-x by chmod g-s, chmod 755.  Wa-la!  An include in
/home/sites/siteX/lists now works!

But, what will the change in permissions affect?  Is there any harm in this
solution?  I'm asking b/c I'm not a Linux guru and though it may be obvious
to you it isn't to me.

In general, you get to decide what has to be group-writable and whatdoesn't; it's based on individual concepts of security you implement onyour machine.

That said, we RaQ/Qube users tend to not care about such subjects<smile>. The harm in this solution is only that non-owners who ARE groupmembers will NOT be ble to write to the directories. For me, on lots ofLinux boxes, that's NOT a problem.

It's more likely to be a problem if, for example, you have several users onthe box working on one development project, and relying on group privilegesto be able to write in one directory.

However, I don't really know if it's going to be a problem for thehtml-interface. I don't think so, since the html-interface no doubt usesprograms suid as root. But of course they may set back privileges to theRaQ/Qube default (again, I don't think so). If they do, you'll find outsoon enough as the errors will occur again.

  BTW, your beer should be finished by now.


I had to rush through your examples, since I don't drink beer <smile>.

Jeff
--
Jeff Lasman, nobaloney.net
<jblists@xxxxxxxxxxxxx>
<www.nobaloney.net>, <www.mailtraqna.com>, <www.email-lists.com>

References:
- Re: [cobalt-users] alias :include:
  - From: Jeff Lasman
- Re: [cobalt-users] alias :include:
  - From: WebMost
- Re: [cobalt-users] alias :include:
  - From: Dom Latter
- Re: [cobalt-users] alias :include:
  - From: WebMost
- Re: [cobalt-users] alias :include: SOLVED
  - From: Steven Werby

Prev by Date: [cobalt-users] Kernel with Audio support for Qube2
Next by Date: Re: [cobalt-users] [Cobalt] Security Advisory - Majordomo
Previous by thread: Re: [cobalt-users] alias :include: SOLVED
Next by thread: Re: [cobalt-users] alias :include:

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index