[Mailman-Users] Prohibiting Local Access to Archives

[Kenneth Jacker]

This is the *third* letter I have written on the same topic.  Before I
give up and return to using Majordomo for certain lists, I am trying
one last time.

Is there a way to prohibit local users (with some knowledge of
Mailman's archive directory structure and naming conventions) from
seeing the contents of archived files?

I'd like to continue web-access to the archives for list members, but
prohibit access to local users on the Mailman "host machine". The fact
that ../mailman/archives/private/ has "drwxrws--x" permissions isn't
sufficient.

Attached below are my previous postings.

Thanks for any help!

-- 
Prof Kenneth H Jacker       khj at cs.appstate.edu
Computer Science Dept       www.cs.appstate.edu/~khj
Appalachian State Univ
Boone, NC  28608  USA        

 |Subject: Not Allowing Local Archive Access
 |To: mailman-users at python.org
 |Date: 29 Dec 2000 13:16:59 -0500
 |
 |I have a hunch I'm just being dense/stupid, but I'm not sure how to
 |make (a least some) list archives unreadable on the 'Mailman' host.
 |
 |It appears everything under ~mailman has at least `--x' permissions
 |for the world/others and many have 'r-x' or just 'r--'.
 |
 |What do I do to make certain list archives *unreadable* locally?
 |
 |Thanks,
 |
 |  -Kenneth
 |
 |
 |Subject: Truly Private Archives
 |To: mailman-users at python.org
 |Date: 05 Feb 2001 23:15:34 -0500
 |
 |Anyone on the local 'Mailman' machine can -- with even a little
 |knowledge of Mailman's directory structure and hosted mailing lists --
 |simply 'cd' to one of the "archives" sub-dirs and "read away".
 |
 |What if the permissions of /usr/local/etc/mailman (~mailman) are set
 |to:
 |        drwxrws---  mailman  mailman
 |
 |
 |instead of the current:
 |
 |        drwxrwsr-x  mailman  mailman      ?
 |
 |
 |Will the *entire* Mailman system still work correctly?
 |
 |Thanks for your comments!
 |
 |  -Kenneth