Mailman 3 Re: [Mailman-Users] Prohibiting Local Access to Archives - Mailman-Users

April 27, 2001 · *third*


      It seems to me that changing the permissions on the files you want
to prevent access to anyone other than group mailman would be
sufficient, no?  Unless the process of adding to the files
automatically resets the permissions, in which case it's probably
the umask on the process creating them that needs to be set to 006
instead of 002.
Agreed?
...
This is the *third* letter I have written on the same topic.  Before I
give up and return to using Majordomo for certain lists, I am trying
one last time.
Is there a way to prohibit local users (with some knowledge of
Mailman's archive directory structure and naming conventions) from
seeing the contents of archived files?
I'd like to continue web-access to the archives for list members, but
prohibit access to local users on the Mailman "host machine". The fact
that ../mailman/archives/private/ has "drwxrws--x" permissions isn't
sufficient.
Attached below are my previous postings.
Thanks for any help!
--
Prof Kenneth H Jacker       khj@cs.appstate.edu
Computer Science Dept       www.cs.appstate.edu/~khj
Appalachian State Univ
Boone, NC  28608  USA
|Subject: Not Allowing Local Archive Access
|To: mailman-users@python.org
|Date: 29 Dec 2000 13:16:59 -0500
|
|I have a hunch I'm just being dense/stupid, but I'm not sure how to
|make (a least some) list archives unreadable on the 'Mailman' host.
|
|It appears everything under ~mailman has at least `--x' permissions
|for the world/others and many have 'r-x' or just 'r--'.
|
|What do I do to make certain list archives *unreadable* locally?
|
|Thanks,
|
|  -Kenneth
|
|
|Subject: Truly Private Archives
|To: mailman-users@python.org
|Date: 05 Feb 2001 23:15:34 -0500
|
|Anyone on the local 'Mailman' machine can -- with even a little
|knowledge of Mailman's directory structure and hosted mailing lists --
|simply 'cd' to one of the "archives" sub-dirs and "read away".
|
|What if the permissions of /usr/local/etc/mailman (~mailman) are set
|to:
|        drwxrws---  mailman  mailman
|
|
|instead of the current:
|
|        drwxrwsr-x  mailman  mailman      ?
|
|
|Will the *entire* Mailman system still work correctly?
|
|Thanks for your comments!
|
|  -Kenneth

Mailman-Users maillist  -  Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users

Re: [Mailman-Users] Prohibiting Local Access to Archives

Dan Mick

tags

participants (1)