[Zope] Filesystem Permissions for a Zope Install

Edward Pollard pollej@uleth.ca
Fri, 16 May 2003 11:30:01 -0600


Hey Guys,

Got some angst about permissions on the server we have Zope installed 
on. Up to now, world has had read access to the entire Zope tree. We 
need to turn that off since there are users that can access this server 
that should not be allowed to peruse the Python code we've been writing.

However, the only immediate alternative seems to be to add Apache to 
the "Zopeadmins" group we have, but that has read-write, and letting 
Apache have write is a potential security hazard.

Can anyone with greater knowledge of the interaction of Zope and Apache 
tell me if I can be more selective about my permissions? And, more 
generally, how have other people solved these problems?

Edward