[ZWeb] Zope.org feedback: UNIX Zope security patches

Julio Silva jsilva@ruido-visual.pt
Thu, 24 Jan 2002 16:25:13 -0500

Hi Matt,

I'm not a unix permissions guru, far from that but I have
a question for you:

I agree on NOT running zope with nobody and instead use
a dedicated user, for instance, zope.

Now regarding all the other subjects your Zope UNIX security patch addresses namely the ones related to the
read/write access to some files in var like the ones
that are created when a zodb pack is made and the z2.pid:
Isnt more simple to, for instance, install zope in
/usr/local/zope and give this directory "zope" the following

drwxrwx---    5 zope     zope         1024 Jan 11 20:34 zope

I think this solves all problems related to other users
access to z2.pid, Data.fs.old, etc files.

But then again unix security is not my zen.

Thanx for any comments,
Júlio Silva

This email was generated from the Zope.org feedback form
It was invoked from a link on http://www.zope.org/Members/zigg/UnixSecurityPatch