[rt-devel] observations about the 1.3 install script
Tobias Brox
tobiasb at tobiasb.funcom.com
Thu Jun 1 23:50:04 EDT 2000
> Only chown files or directories which must be writable by rt. I guess
> this means only the password file, since everything else is in the db?
I did modify it like this:
fixperms:
if [ \! -d $(RT_PATH) ] ;
then
chown -R $(RTUSER) $(RT_PATH)
chgrp -R $(RTGROUP) $(RT_PATH)
chmod 0755 $(RT_PATH)
fi
chmod -R 755 $(RT_LIB_PATH)
chmod -R 0750 $(RT_ETC_PATH)
chmod 0755 $(RT_BIN_PATH)
chmod 0755 $(WEBRT_CGI_PATH)
chmod 4755 $(RT_PERL_MUX)
chmod 777 $(WEBRT_DATA_PATH)
I haven't tested it ... but it should be pretty OK, shouldn't it?
> I agree that it's not critical, but if there is nothing gained then it
> should not be done. Since some people run RT on internet-accessible
> machine security is not unimportant.
I guess the plan is to make the script sgid and make the config (with the
password) group readable. Do you have better suggestions?
--
"The trouble with the world is that the stupid are
cocksure and the intelligent are full of doubt."
- Bertrand Russell
More information about the Rt-devel
mailing list