[Mailman-Users] Prohibiting Local Access to Archives

Dan Mick dmick at utopia.West.Sun.COM
Fri Apr 27 23:31:52 CEST 2001 

It seems to me that changing the permissions on the files you want
to prevent access to anyone other than group mailman would be 
sufficient, no?  Unless the process of adding to the files 
automatically resets the permissions, in which case it's probably
the umask on the process creating them that needs to be set to 006
instead of 002.

Agreed?

> This is the *third* letter I have written on the same topic.  Before I
> give up and return to using Majordomo for certain lists, I am trying
> one last time.
> 
> Is there a way to prohibit local users (with some knowledge of
> Mailman's archive directory structure and naming conventions) from
> seeing the contents of archived files?
> 
> I'd like to continue web-access to the archives for list members, but
> prohibit access to local users on the Mailman "host machine". The fact
> that ../mailman/archives/private/ has "drwxrws--x" permissions isn't
> sufficient.
> 
> Attached below are my previous postings.
> 
> Thanks for any help!
> 
> -- 
> Prof Kenneth H Jacker       khj at cs.appstate.edu
> Computer Science Dept       www.cs.appstate.edu/~khj
> Appalachian State Univ
> Boone, NC  28608  USA        
> 
>  |Subject: Not Allowing Local Archive Access
>  |To: mailman-users at python.org
>  |Date: 29 Dec 2000 13:16:59 -0500
>  |
>  |I have a hunch I'm just being dense/stupid, but I'm not sure how to
>  |make (a least some) list archives unreadable on the 'Mailman' host.
>  |
>  |It appears everything under ~mailman has at least `--x' permissions
>  |for the world/others and many have 'r-x' or just 'r--'.
>  |
>  |What do I do to make certain list archives *unreadable* locally?
>  |
>  |Thanks,
>  |
>  |  -Kenneth
>  |
>  |
>  |Subject: Truly Private Archives
>  |To: mailman-users at python.org
>  |Date: 05 Feb 2001 23:15:34 -0500
>  |
>  |Anyone on the local 'Mailman' machine can -- with even a little
>  |knowledge of Mailman's directory structure and hosted mailing lists --
>  |simply 'cd' to one of the "archives" sub-dirs and "read away".
>  |
>  |What if the permissions of /usr/local/etc/mailman (~mailman) are set
>  |to:
>  |        drwxrws---  mailman  mailman
>  |
>  |
>  |instead of the current:
>  |
>  |        drwxrwsr-x  mailman  mailman      ?
>  |
>  |
>  |Will the *entire* Mailman system still work correctly?
>  |
>  |Thanks for your comments!
>  |
>  |  -Kenneth
> 
> ------------------------------------------------------
> Mailman-Users maillist  -  Mailman-Users at python.org
> http://mail.python.org/mailman/listinfo/mailman-users

More information about the Mailman-Users mailing list