10 Oct
2002
10 Oct
'02
2:17 a.m.
On Thu, 10 Oct 2002 03:44:45 +0200 Paul Boehm <typo@soniq.net> wrote:
as i see it, tap r/w access shouldn't be any different from application code access in terms of severity.
Sure - allow reads but *NOT*!!! writes. Because if you let var-www write to python code that's going to be imported by a suid root app you're in a bad situation. If your tap is run by root it should not be writable by non-root users. -- Itamar Shtull-Trauring http://itamarst.org/ Available for Python, Twisted, Zope and Java consulting