[Mailman-Users] Separating Public and Private Archives
msapiro at value.net
Wed Jun 7 03:10:33 CEST 2006
Barry Finkel wrote:
>The mailman code puts, for public archives, a pointer to the
>private directory. This will prevent public access to the private
>archives if the archives are on a traditional Unix file system.
>I am experimenting with placing the archives in the Andrew File
>System (AFS), where access is controlled by access control lists.
>In AFS, a non-privileged user can see the private archives.
>Is there an easy way to change the mailman behavior so that the
>public archives are placed into their own directory and are not
>symbolic links to the private directory? Thanks.
No, there isn't, but consider that even though the web server would
theoritically have access to the private archives, how would a user
access them? The 'pipermail' url is an alias to the symlink in the
archives/public/ directory and the symlink doesn't exist for a private
archive so the pipermail url won't work.
Direct access to the archives/private/ directory is through the
'private' cgi-bin wrapper and script which requires user authorization.
Thus, the only way to access a private archive without authorization is
to craft a URL (presumably a pipermail URL with some /../ directories
in it, but maybe something else) that will do it. I won't say it's not
possible to make this work with modern web servers/browsers, but I've
tried, and I can't.
Mark Sapiro <msapiro at value.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users