Tags:
create new tag
view all tags

Question

We've installed an intranet TWiki on a shared server that people can login to freely.

The default file permission for TWiki pages in data/Main/ and the other TWiki webs is 664.

We will have some pages we'd like to keep at least from casual prying eyes. Is it safe to turn off access to the world (chmod o-w, to 640 or 660) for the files in the data/... directories without encountering any difficulties with Twiki running? And will TWiki create new pages with world-readable permissions, and how might we fix that (e.g. by directory chmod)?

Thanks.

Environment

TWiki version: TWikiRelease04x01x02
TWiki plugins: DefaultPlugin, EmptyPlugin, InterwikiPlugin
Server OS: Centos 5.0
Web server: Apache 2.0.52 (no mod_perl)
Perl version: 5.8.5
Client OS: n/a
Web Browser: n/a
Categories: Security

-- DanHalbert - 17 Jul 2007

Answer

ALERT! If you answer a question - or someone answered one of your questions - please remember to edit the page and set the status to answered. The status selector is below the edit box.

To answer my own question:

After poking around in the code, I found the right thing to do was to change the *Store Settings* in the Configuration page to:

  • {RCS}{dirPermission} to 0750
  • {RCS}{filePermission} to 0640

Then I did chmod -R o-rwx data/ to fix the initial permissions.

-- DanHalbert - 20 Aug 2007

Change status to:
WebForm
SupportStatus AnsweredQuestions
Edit | Attach | Watch | Print version | History: r2 < r1 | Backlinks | Raw View | Raw edit | More topic actions
Topic revision: r2 - 2007-08-20 - DanHalbert
 
  • Learn about TWiki  
  • Download TWiki
This site is powered by the TWiki collaboration platform Powered by Perl Hosted by OICcam.com Ideas, requests, problems regarding TWiki? Send feedback. Ask community in the support forum.
Copyright © 1999-2026 by the contributing authors. All material on this collaboration platform is the property of the contributing authors.