On 15/03/2006 07:34, Lionel Elie Mamane wrote: > We're open to suggestions. That thing must be group list so that > mailman can write there. Putting www-data as user would give www-data > too much power there. We cannot put the files themselves non world > readable, as Apache won't serve anything that isn't world-readable as > far as I remember. The same holds for putting www-data in group list.
Could the world read and execute permissions be set on a per list basis? So the world read and execute permissions would be added to the archives/private/list/ and archives/private/list.mbox/ directories when a list's archives are made public and removed when they are made private, at the same time as the archives/public/list links are created and removed. Does anything other than the web server rely on world permissions to access these files? The appropriate place to do this would appear to be in CheckHTMLArchiveDir at the end of Mailman/Archiver/Archiver.py Roger -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]