On September 18, 2003 at 11:17, Cheryl Trooskin wrote:
I'm working on integrating mharc with Mailman's password-protection
scheme (and am nearly done. whew! long report of all the fun will be
forthcoming if anyone's interested).
I am interested. However, you may want to send it to the
mhonarc-dev(_at_)mhonarc(_dot_)org list, especially if it is technical in
nature.
One thing I'm doing is setting file permissions appropriately so that as
much as possible, public archives and search-related things are
other-readable (so the webserver can get them) and private archives are
not (and just served via mailman), which is the best compromise I can
come up with for protecting the privacy of list-members from nosy users
on my system. The public-ness of the search stuff is far from perfect,
but I think at the moment I'm satisfied with protection from casual
poking-around, as it's better than what I had before. This has mostly
involved little tweaks to web-archive.
...
I'm a little confused on the context. Are you talking about
permissions wrt to the local file system or permissions as they relate
to web access? I am guessing the latter.
If this is the case, mucking with file permissions is not needed
since all authentication should be controled via the web server.
I do not know much about Mailman, but it appears you could auto-create
htpasswd files (or dbms depending on which Apache auth module you are
using) from mailman data. I.e. Create usernames to match subscriber
addresses and passwords to match subscriber passwords.
Then, configure Apache to perform authentication for each
directory associate with each private list (the same can be done
for mbox archives).
I'm making good progress, but I'm currently puzzling over the search
indices. It appears that what I did to make the html files for private
lists non-other-readable has leaked out and affected search-related files
like NMZ.i/ii, NMZ.p/pi, NMZ.t, NMZ.w/wi for the private lists. This
makes sense; I'm guessing that namazu is giving the search index similar
perms to those of the files that were indexed.
Searching is a bit tricky since the same CGI program is used for
all archives. Therefore, someone could technically perform searches
on private archives (but they would still be unable to access entire
messages).
The extract original message CGI has the same issue, but it
can be used to circumvent any web access permissions if someone
knows the message-id of the message they want. It does seem
if someone knows the message-id, than they already have a copy
of the message. But they could share that information (by
a direct link) for others to bypass authentication.
You could always disable access to the CGI, and even the
mbox archives, if there use is not essential.
My question is: I'm thinking about hacking a chmod into web-archives
&namazu_cleanup(); is there perhaps a better place for me to put this
code? I don't think I want to change mknmz so its behavior is changed
for all users; other people on my system are already talking about
wanting to use it. Or am I misunderstanding why my permissions on those
files are coming out they way they are in the first place (in which case,
I can take this question to namazu-users-en instead)?
Not knowing all that you are trying to do and how you have things setup,
I am concerned if you are implementing the best solution for your problem.
(final step: appropriate permissions for the mboxes. If I'm not
mistaken, I just have to make sure that the folder created to hold a
lists's mboxes has the right permissions, and procmail will do the right
thing with regards to creating new yyyy-mm mboxes. and yes, I realize
this means that my listowners will have to contact me if they want to
change their lists public/private archive status. I've let them know
of this & nobody's complained yet, so I'm keeping my fingers crossed.)
I guess it looks like what you are doing is particular with mailman, so
I can only provide little guidance there. Whatever the issue, attempts
should be made to keep mharc and mailman as separate as possible (i.e.
mharc should not be making any mailman specific calls). However,
mharc could be updated to include features that would facilitate
such integration (like options to specify file permissions).
BTW, you may want to contact the Savannah guys about integration of
mailman and mharc. The GNU folks use mailman as the list manager
for savannah projects, but they use mharc for the mail archives.
I have not received any message from them on the nature of what
they actually have done, but they may have done some of things you
are doing.
--ewh
---------------------------------------------------------------------
To sign-off this list, send email to majordomo(_at_)mhonarc(_dot_)org with the
message text UNSUBSCRIBE MHARC-USERS
