[Pkg-sql-ledger-discussion] Permissions and ownership of /etc/ledgersmb/ledgersmb.conf
Elizabeth Bevilacqua
lyz at princessleia.com
Sun Sep 14 14:56:54 UTC 2008
On Mon, Sep 1, 2008 at 3:15 PM, Roberto C. Sánchez <roberto at connexer.com> wrote:
> it appears that by default, /etc/ledgersmb/ledgersmb.conf has these
> permissions:
>
> -rw-r--r-- 1 root root 1143 2008-09-01 15:08 /etc/ledgersmb/ledgersmb.conf
>
> Wouldn't something like this be more sensible?
>
> -rw-r----- 1 root www-data 1143 2008-09-01 15:08 /etc/ledgersmb/ledgersmb.conf
>
> In particular I am thinking that because the instructions in
> README.Debian have the user populate the database password into that
> file, having that file be world-readable is a Bad Thing(TM).
Good point, thank you. I need to look into how upstream handles this
and then do some digging in the giant make file patch - my first go at
altering permissions was unsuccessful but I needed to get the first
1.2.16 release out (now up on Alioth and SourceForge), so it'll have
to wait until I have more time.
> Also, the README.Debian has this string:
>
> "Depending on the configuration of your daabase"
>
> That should probably say:
>
> "Depending on the configuration of your database"
Thanks, fixed in latest release (rewrote this entire section for
better clarity in general).
--
Elizabeth Bevilacqua // Lyz // pleia2
http://www.princessleia.com
More information about the Pkg-sql-ledger-discussion
mailing list