Re: [cpx] Hardening directory rights and cpx

[ADNET Ghislain <gadnet@xxxxxxxxxx>]

Ru

> Ghislain,
>
> iManager is an suid program that drops privs down to the authenticated 
> user level... so iManager won't (or rather, shouldn't) care.
>
> The underlying VSAP modules that perform _most_ of the CPX tasks 
> operate in much the same way as iManager; they will run as if they are
> the authenticated user (well, except for tasks which are done on files
> owned by endusers at the behest of a domain admin).  There are, however,
> some tasks which are handled without any other privileges but those that
> are given to the apache user/group (www/www).  The ones that I can think
> of off the top of my head are upload file (such as a mail attachment)
> and download file.  Therefore, a home directory mode of 750 would
> probably not be wise for any user that uses CPX, or at least, any user 
> that expects CPX to behave and operate normally... 751 should be ok.  
>
> Inside your home directory, you can chmod 700 on any subdirectory with
> the exception of ".cpx_tmp".  Your subdirectories such as "Mail" should
> already be 700.
>
> hth.
>
> --rus.
ok i see, so i bet i will go for 751 for everyone then ;)

Thanks for the help !

regards,
Ghislain.

======================================================================
This is <cpx@xxxxxxxxxxxxx>      <http://www.groupmail.org/lists/cpx/>
Before posting a question, please search the archives (see above URL).