[Zope-dev] zope and UNIX permissions

Bill Anderson bill@libc.org
Wed, 12 Jul 2000 18:27:54 -0600


Chris McDonough wrote:
> 
> > > The other file (pcgi.soc) is a unix domain socket...  it
> > gets created
> > > when you run "python w_pcgi" as a Zope install command from
> > the source
> > > distribution.  I'm not sure of the danger of having this get created
> > > 777.  It might be worthwhile to look into what could be done to it.
> >
> > Well, other than zope not responding over pcgi if it isn't 777?
> > I just tried this out of curiousity. No response through pcgi.
> 
> Hmmm... thanks for trying it.  This doesn't seem much of a risk, does
> it?

Not that I can see off-hand. It is only a socket, a means for
communicating with Zope. The 'risk' would only lie in Zope's Security
mechanisms. ;-)

The only possible risk would be a DoS type manuever if random user could
rewrite the pcgi.soc socket. You could control this through var
directory permissions, will try this out and report back.

Bill

-- 
"Linux: the operating system with a CLUE...
Command Line User Environment".

seen in a posting on comp.software.testing