Prohibiting Local Access to Archives
This is the *third* letter I have written on the same topic. Before I give up and return to using Majordomo for certain lists, I am trying one last time.
Is there a way to prohibit local users (with some knowledge of Mailman's archive directory structure and naming conventions) from seeing the contents of archived files?
I'd like to continue web-access to the archives for list members, but prohibit access to local users on the Mailman "host machine". The fact that ../mailman/archives/private/ has "drwxrws--x" permissions isn't sufficient.
Attached below are my previous postings.
Thanks for any help!
-- Prof Kenneth H Jacker khj@cs.appstate.edu Computer Science Dept www.cs.appstate.edu/~khj Appalachian State Univ Boone, NC 28608 USA
|Subject: Not Allowing Local Archive Access |To: mailman-users@python.org |Date: 29 Dec 2000 13:16:59 -0500 | |I have a hunch I'm just being dense/stupid, but I'm not sure how to |make (a least some) list archives unreadable on the 'Mailman' host. | |It appears everything under ~mailman has at least `--x' permissions |for the world/others and many have 'r-x' or just 'r--'. | |What do I do to make certain list archives *unreadable* locally? | |Thanks, | | -Kenneth | | |Subject: Truly Private Archives |To: mailman-users@python.org |Date: 05 Feb 2001 23:15:34 -0500 | |Anyone on the local 'Mailman' machine can -- with even a little |knowledge of Mailman's directory structure and hosted mailing lists -- |simply 'cd' to one of the "archives" sub-dirs and "read away". | |What if the permissions of /usr/local/etc/mailman (~mailman) are set |to: | drwxrws--- mailman mailman | | |instead of the current: | | drwxrwsr-x mailman mailman ? | | |Will the *entire* Mailman system still work correctly? | |Thanks for your comments! | | -Kenneth
Kenneth Jacker wrote:
This isn't a mailman problem, this is a problem with the way you haveyour setup.
For example, all of my users are UID.users, while mailman ismailman.mailman. No one in the users group can read anything in the mailman private directory. No matter how hard they try. They can read the public archives if they so feel like it, but that's it.
The mailman documentation tells you to create a separate group for it.There's a reason for that.
-- W | | I haven't lost my mind; it's backed up on tape somewhere. |____________________________________________________________________
Ashley M. Kirchner <mailto:ashley@pcraft.com> . 303.442.6410 x130
SysAdmin / Websmith . 800.441.3873 x130
Photo Craft Laboratories, Inc. . eFax 248.671.0909
http://www.pcraft.com . 3550 Arapahoe Ave #6
.................. . . . . Boulder, CO 80303, USA
"KJ" == Kenneth Jacker <khj@cs.appstate.edu> writes:
KJ> Is there a way to prohibit local users (with some knowledge of
KJ> Mailman's archive directory structure and naming conventions)
KJ> from seeing the contents of archived files?
KJ> I'd like to continue web-access to the archives for list
KJ> members, but prohibit access to local users on the Mailman
KJ> "host machine". The fact that ../mailman/archives/private/ has
KJ> "drwxrws--x" permissions isn't sufficient.That's because the world execute bit is still on for that subdir, so they can cd into and look around to their hearts content. Just go ahead and turn that bit off (i.e. make the perms drwxrws---).
Make sure that the archives are set to private. Also, anybody in the mailman group will still have access to that directory, but you should be controlling who's in that group pretty tightly anyway.
BTW, the default permissions for the dirs in archives/private probably ought to be 02770 anyway.
-Barry
Barry A. Warsaw (barry@digicool.com) said something that sounded like:
The other problem is that the files under it are readable by other. You should be able to do a 'chmod -R o-r' on the directory to get rid of that.
Ciao,
-- Pug Bainter | AMD, Inc. System Engineer, MTS | Mail Stop 625 Pug.Bainter@amd.com | pug@pug.net | 5900 E. Ben White Blvd Phone: (512) 602-0364 | Fax: (512) 602-6970 | Austin, TX 78741 Note: The views may not reflect my employers, or even my own for that matter.
"PB" == Pug Bainter <pug@pug.net> writes:
>> That's because the world execute bit is still on for that
>> subdir, so they can cd into and look around to their hearts
>> content. Just go ahead and turn that bit off (i.e. make the
>> perms drwxrws---).
PB> The other problem is that the files under it are readable by
PB> other. You should be able to do a 'chmod -R o-r' on the
PB> directory to get rid of that.Shouldn't be necessary, but it probably can't hurt.
-Barry
Kenneth Jacker wrote:
This isn't a mailman problem, this is a problem with the way you haveyour setup.
For example, all of my users are UID.users, while mailman ismailman.mailman. No one in the users group can read anything in the mailman private directory. No matter how hard they try. They can read the public archives if they so feel like it, but that's it.
The mailman documentation tells you to create a separate group for it.There's a reason for that.
-- W | | I haven't lost my mind; it's backed up on tape somewhere. |____________________________________________________________________
Ashley M. Kirchner <mailto:ashley@pcraft.com> . 303.442.6410 x130
SysAdmin / Websmith . 800.441.3873 x130
Photo Craft Laboratories, Inc. . eFax 248.671.0909
http://www.pcraft.com . 3550 Arapahoe Ave #6
.................. . . . . Boulder, CO 80303, USA
"KJ" == Kenneth Jacker <khj@cs.appstate.edu> writes:
KJ> Is there a way to prohibit local users (with some knowledge of
KJ> Mailman's archive directory structure and naming conventions)
KJ> from seeing the contents of archived files?
KJ> I'd like to continue web-access to the archives for list
KJ> members, but prohibit access to local users on the Mailman
KJ> "host machine". The fact that ../mailman/archives/private/ has
KJ> "drwxrws--x" permissions isn't sufficient.That's because the world execute bit is still on for that subdir, so they can cd into and look around to their hearts content. Just go ahead and turn that bit off (i.e. make the perms drwxrws---).
Make sure that the archives are set to private. Also, anybody in the mailman group will still have access to that directory, but you should be controlling who's in that group pretty tightly anyway.
BTW, the default permissions for the dirs in archives/private probably ought to be 02770 anyway.
-Barry
Barry A. Warsaw (barry@digicool.com) said something that sounded like:
The other problem is that the files under it are readable by other. You should be able to do a 'chmod -R o-r' on the directory to get rid of that.
Ciao,
-- Pug Bainter | AMD, Inc. System Engineer, MTS | Mail Stop 625 Pug.Bainter@amd.com | pug@pug.net | 5900 E. Ben White Blvd Phone: (512) 602-0364 | Fax: (512) 602-6970 | Austin, TX 78741 Note: The views may not reflect my employers, or even my own for that matter.
"PB" == Pug Bainter <pug@pug.net> writes:
>> That's because the world execute bit is still on for that
>> subdir, so they can cd into and look around to their hearts
>> content. Just go ahead and turn that bit off (i.e. make the
>> perms drwxrws---).
PB> The other problem is that the files under it are readable by
PB> other. You should be able to do a 'chmod -R o-r' on the
PB> directory to get rid of that.Shouldn't be necessary, but it probably can't hurt.
-Barry
participants (4)
-
Ashley M. Kirchner -
barry@digicool.com -
Kenneth Jacker -
Pug Bainter