[Zope] localfs, how to secure for homedirs...
Jaroslav Lukesh
lsh@wo.cz
Fri, 21 Mar 2003 10:15:01 -0000
: Odes=EDlatel: Jim Penny <jpenny@universal-fasteners.com>
: Localfs objects have to be readable (at least) by the userid that zope
: is running as. Zope should not be run as root, for a variety of good
: reasons. Presumably your users own their own files, and in a modern
: system, are proably in individual groups.
Another solution - what about samba server at local machine and smbfs
mounted to the same machine?
localfs_user1 --> smbfs_mountedfolder_user1 --> /home/user1
localfs_user2 --> smbfs_mountedfolder_user2 --> /home/user2
etc...
Mounting like (single line):
mount -t smbfs -o uid=3Dxxx,gid=3Dxxx,username=3Duser1,password=3Dffffff
//localhost/mountpointuser1 /zope_localfs/user1
=20
You only need to hide this file from reading at all, allow executing only=
.=20
Rights like --x--x--x root root=20
I was used years ago this similar solution for multiple thin dosemu
clients.
JL.