Quoting Borden (2022-10-22 16:16:12) > 22 Oct 2022, 03:23 by jo...@jones.dk: > > I doubt I am able to contribute much to this bugreport. If/when you > > guys figure out something you'd like to get added to the radicale > > package (and it isn't too involving or exotic) then tell me and I will > > sure consider adopting it into the package. Other than that, I will > > leave you to it... > > > Fair, I understand that this is an off-documented use of Radicale. And I > suspect there are some upstream bugs beyond your scope, as the WSGI configs > aren't working as advertised. > > A couple of questions which I think you can answer and will help me: > 1. "secure" permissions for the Radicale store are 660, uid=radicale ; > gid=radicale, correct? Can they be more restrictive or should they be more > permissive? Should 600 work in the "recommended" setup?
600 could work - not convinced that it should, however: I see no security risk in allowing write access to a group which has only one user - except if the sysadmin lets anyone else into that group. > 2. /etc/default/radicale only gets read when radicale runs in standalone, > correct? Correct. > 3. The wiki.debian.org/Radicale needs to be overhauled since it doesn't > recommend best practices, yes? Probably - it is a _wiki_ page that I don't care about ;-) - Jonas -- * Jonas Smedegaard - idealist & Internet-arkitekt * Tlf.: +45 40843136 Website: http://dr.jones.dk/ [x] quote me freely [ ] ask before reusing [ ] keep private
signature.asc
Description: signature