Hello, I'm working on a new version of my 'wwwofflebook' script to 'insert' browser bookmarks into the purge section. I'll post a tarball here (it's still small), when it's finished.
Anyway, i have some questions. (1) As you might remember, the concept is designed for a desktop machine using wwwoffle for enterprise-local-browser-caching :) or at best for serving a minimal home-net. A trusted user invokes the script, that exchanges a 'dynamic' section in the purge.conf by recently extracted browser-bookmark-domains. This user has to create a ~/.wwwoffle directory where the purge.conf and other wwwofflebook files are stored, to give her the necessary writing access to all these files. This avoids writing access to /etc/wwwoffle. There, in /etc/wwwoffle, we exchange purge.conf by an equal named symlink to the user's purge file. However, i discovered it only works if the user is member of the wwwoffle daemon group. Here, on a debian, this is 'proxy'. I must admit i don't remember exactly what it was - probably sth. with access permissions. Anyway, i thought it's alright to add this trusted user to the 'proxy' group, and use this group for fine-tuning the access rights to the wwwofflebook scripts, in turn. These are rwxr-x--- for root.proxy, placed in /usr/local/bin. Keep in mind it's designed for desktop machines where only a few people may log in. Now the question is: Do you see anything too complicated, or even a severe security risk in this approach ? (2) Every time i use the wwwoffle web-interface to configure the purge section, the link is overwritten by the actual file. Would it be a security risk to make wwwoffle follow a symlink ? (The .bak file doesn't matter) (3) Would it be too much asked to make wwoffle sort the -purge output after (I) expiring limit + (II) alphabetically ? It's rather expensive to do this in BASH, and I'd appreciate this very much. greetings -- Michel... .
