[Mailman-Users] Separating Public and Private Archives

Mark Sapiro msapiro at value.net
Wed Jun 7 03:10:33 CEST 2006


Barry Finkel wrote:

>The mailman code puts, for public archives, a pointer to the
>private directory.  This will prevent public access to the private
>archives if the archives are on a traditional Unix file system.
>I am experimenting with placing the archives in the Andrew File
>System (AFS), where access is controlled by access control lists.
>In AFS, a non-privileged user can see the private archives.
>
>Is there an easy way to change the mailman behavior so that the 
>public archives are placed into their own directory and are not
>symbolic links to the private directory?  Thanks.

No, there isn't, but consider that even though the web server would
theoretically have access to the private archives, how would a user
access them? The 'pipermail' url is an alias to the symlink in the
archives/public/ directory and the symlink doesn't exist for a private
archive so the pipermail url won't work.

Direct access to the archives/private/ directory is through the
'private' cgi-bin wrapper and script which requires user authorization.

Thus, the only way to access a private archive without authorization is
to craft a URL (presumably a pipermail URL with some /../ directories
in it, but maybe something else) that will do it. I won't say it's not
possible to make this work with modern web servers/browsers, but I've
tried, and I can't.

-- 
Mark Sapiro <msapiro at value.net>       The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan
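
The layout described in this message can be audited on disk. The following is an added example, not part of the original message and not Mailman's own code: it assumes an archives root containing `private/` and `public/` directories as described above, and the function names and the sample list names (`announce`, `staff`, `stray`) are constructed for illustration.

```python
import os
import tempfile

def audit_archives(archives_root):
    """Map each archive name to how archives/public exposes it."""
    private_dir = os.path.realpath(os.path.join(archives_root, "private"))
    public_dir = os.path.join(archives_root, "public")
    # Start from the assumption that nothing is published.
    report = {name: "private" for name in os.listdir(private_dir)}
    for name in os.listdir(public_dir):
        entry = os.path.join(public_dir, name)
        target = os.path.realpath(entry)
        if not os.path.islink(entry):
            report[name] = "unexpected: real file or directory in public/"
        elif not os.path.exists(target):
            report[name] = "unexpected: dangling symlink"
        elif os.path.dirname(target) != private_dir:
            report[name] = "unexpected: resolves outside private/"
        elif os.path.basename(target) != name:
            # A public name that maps to a different list's private archive.
            report[name] = "unexpected: exposes private/" + os.path.basename(target)
        else:
            report[name] = "public"
    return report

def build_sample_tree():
    """Constructed sample: 'announce' is public, 'staff' is private, 'stray' is wrong."""
    root = tempfile.mkdtemp(prefix="archives-")
    for name in ("announce", "staff"):
        os.makedirs(os.path.join(root, "private", name))
    os.makedirs(os.path.join(root, "public"))
    os.makedirs(os.path.join(root, "elsewhere"))
    os.symlink(os.path.join(root, "private", "announce"),
               os.path.join(root, "public", "announce"))
    os.symlink(os.path.join(root, "elsewhere"),
               os.path.join(root, "public", "stray"))
    return root

if __name__ == "__main__":
    for name, status in sorted(audit_archives(build_sample_tree()).items()):
        print(f"{name:10} {status}")
```

Any list reported as `public` that is meant to be private, or any `unexpected` entry, is worth checking against the list's archive settings.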



