On Friday, 15 August 2008 at 08:10 +0200, Olivier Berger wrote:
> Still I have one doubt about the change for
> $TWiki::cfg{RCS}{WorkAreaDir} and $TWiki::cfg{TempfileDir}
> in case of upgrades...
>
> Will try and report for my upgrade tests.
>
OK, upgrades from -3.2 to -4 seem fine in this respect. I was worried for nothing it seems.

But I have a concern about the use of a /tmp subdir, still.

It seems common situation to have /tmp purged (over reboots, nightly ?). Unless something guarantees that it may not happen on any Debian server running twiki ?

What will guarantee that the permissions of that dir will remain constant ?

And as that dir will be recreated by TWiki on next access to the CGI, there's nothing preventing a local user to have recreated the dir with different permissions in between... and everything may be vulnerable again.

If no user messes between /tmp purge and dir re-creation by twiki, then the dir will be created by twiki as :

drwxr-xr-x 2 www-data www-data 4096 Aug 15 08:36 twiki.whatever

which obviously seems safe, but doesn't have the T bit anymore...

So I'm not so sure that solution is really improving so much :(

If /tmp contents (subdirs) is not guaranteed to remain with a fixed set of rights once defined, then I guess there's no point in trying to worry about it in packages scripts (postinst).

I guess that the use of (subdir of ?) $TWiki::cfg{WorkingDir} = '/var/lib/twiki/working'; and some purge mechanism for the cgi session files may be worth considering.

Comments welcome.

Best regards,

P.S.: received no comment on my policy/best practices request for web apps sessions on debian-devel... well... not so much disappointed, but... :-/

-- 
Olivier BERGER <[EMAIL PROTECTED]>
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC
Research Engineer - Dept INF
Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France)
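The race described in the message above (a /tmp subdirectory purged and then re-created, possibly by another local user, before the CGI recreates it) is the classic reason for refusing to trust a pre-existing directory under a shared, world-writable parent. The following is an added example written for this thread, not code from TWiki or from the Debian package; it is in Python rather than TWiki's Perl so that it runs stand-alone, and the function names (`secure_work_dir`, `parent_is_shared`, `run_scenarios`) and the temporary tree it builds are constructed for the demonstration. It shows the checks a working-directory setup should perform before using a directory that already exists: it must not be a symlink, it must be owned by the expected user, and it must not be group- or world-writable; it also reports whether the parent is world-writable (as /tmp is), which is what makes the re-creation race possible in the first place and why a parent such as /var/lib/twiki/working avoids it.

```python
import os
import shutil
import stat
import tempfile


def parent_is_shared(path):
    """True if the parent directory is world-writable (e.g. /tmp).

    A world-writable parent lets any local user create or re-create the
    child directory between a purge and the application's next access.
    """
    parent = os.path.dirname(os.path.abspath(path))
    return bool(os.stat(parent).st_mode & stat.S_IWOTH)


def secure_work_dir(path, expected_uid=None, mode=0o700):
    """Create a private working directory or validate an existing one.

    Returns path if it is safe to use; raises RuntimeError otherwise.
    The mkdir is attempted first so that a directory planted by someone
    else is never silently adopted: mkdir fails if anything is there.
    """
    if expected_uid is None:
        expected_uid = os.geteuid()
    try:
        os.mkdir(path, mode)  # fails with EEXIST if the name is taken
        return path
    except FileExistsError:
        pass

    st = os.lstat(path)  # lstat so a planted symlink is not followed
    if stat.S_ISLNK(st.st_mode):
        raise RuntimeError("%s is a symlink; refusing to use it" % path)
    if not stat.S_ISDIR(st.st_mode):
        raise RuntimeError("%s exists but is not a directory" % path)
    if st.st_uid != expected_uid:
        raise RuntimeError("%s is owned by uid %d, expected %d"
                           % (path, st.st_uid, expected_uid))
    if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
        raise RuntimeError("%s is group/world writable (mode %s)"
                           % (path, oct(stat.S_IMODE(st.st_mode))))
    return path


def _outcome(fn):
    """Run fn and report 'ok' or 'refused' instead of raising."""
    try:
        fn()
        return "ok"
    except RuntimeError:
        return "refused"


def run_scenarios():
    """Constructed scenarios in a private temp tree (not a real /tmp/twiki.* dir).

    Returns a dict describing what secure_work_dir did in each case.
    """
    base = tempfile.mkdtemp(prefix="twiki-demo-")  # created mode 0700
    results = {}
    try:
        fresh = os.path.join(base, "twiki.fresh")
        # First access: nothing there, so the directory is created for us.
        results["fresh"] = _outcome(lambda: secure_work_dir(fresh))
        # Second access: our own private directory is accepted again.
        results["reuse"] = _outcome(lambda: secure_work_dir(fresh))
        # The parent here is private, unlike /tmp.
        results["parent_shared"] = parent_is_shared(fresh)

        # Simulate a directory re-created with loose permissions.
        loose = os.path.join(base, "twiki.loose")
        os.mkdir(loose)
        os.chmod(loose, 0o777)
        results["loose"] = _outcome(lambda: secure_work_dir(loose))

        # Simulate a symlink planted under the expected name.
        link = os.path.join(base, "twiki.link")
        os.symlink(loose, link)
        results["symlink"] = _outcome(lambda: secure_work_dir(link))
    finally:
        shutil.rmtree(base)
    return results


if __name__ == "__main__":
    for name, value in sorted(run_scenarios().items()):
        print("%-14s %s" % (name, value))
```

The ownership check is the part the message is really about: after a /tmp purge, whoever wins the race owns the re-created directory, and a server that merely does `mkdir -p` and carries on will happily write session files into it. Refusing to proceed, and logging why, turns that silent condition into a visible failure.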