[rt-devel] observations about the 1.3 install script
tobiasb at tobiasb.funcom.com
Thu Jun 1 23:50:04 EDT 2000
> Only chown files or directories which must be writable by rt. I guess
> this means only the password file, since everything else is in the db?
I did modify it like this:
if [ \! -d $(RT_PATH) ] ;
chown -R $(RTUSER) $(RT_PATH)
chgrp -R $(RTGROUP) $(RT_PATH)
chmod 0755 $(RT_PATH)
chmod -R 755 $(RT_LIB_PATH)
chmod -R 0750 $(RT_ETC_PATH)
chmod 0755 $(RT_BIN_PATH)
chmod 0755 $(WEBRT_CGI_PATH)
chmod 4755 $(RT_PERL_MUX)
chmod 777 $(WEBRT_DATA_PATH)
I haven't tested it ... but it should be pretty OK, shouldn't it?
> I agree that it's not critical, but if there is nothing gained then it
> should not be done. Since some people run RT on internet-accessible
> machine security is not unimportant.
I guess the plan is to make the script sgid and make the config (with the
password) group readable. Do you have better suggestions?
"The trouble with the world is that the stupid are
cocksure and the intelligent are full of doubt."
- Bertrand Russell
More information about the Rt-devel