[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

root directory access (Re: [Demexp-dev] logins and account creation.

From: Augustin
Subject: root directory access (Re: [Demexp-dev] logins and account creation.
Date: Sat, 7 Oct 2006 17:49:14 +0800
User-agent: KMail/1.8.2

Thank you François :)

On Saturday 07 October 2006 05:19 pm, address@hidden wrote:
> > Why are you  so worried about who gets access to the root directory of
> > the web server?
> Just for clarity, we do not speak about root directory but about root
> account, i.e. power to read and wrtie every bit on the memory and the
> hard drive of the server. 

Oh! That's an interesting distinction I failed to see.

My concern about access to the root server directory (the root of, 
was for convenience, when updating the files necessary for Drupal. Of course, 
I can always ask someone else to upload files, I don't mind, but it is not 
really efficient. ("I need to install this module, or update that file. Can 
you upload it for me on the server?" ... and wait until the next day before I 
can configure the newly uploaded module...).

If the server root is at /var/www/html/ (i.e. where Drupal's index.php should  
be), then I only need to have ftp / ssh access to that directory. I don't 
care about a linux root account with access to / . 

The demexp questions, votes and other data would be, at /home/demexp/ or 
at /var/data/demexp/ or wherever. 
I don't need to have access to that and I don't care about it.
My job is *only* to help with the *web site*.

> > From the security and privacy point of view, an anonymous hash would have
> > been much better.
> Interesting idea. Should be explored.

I have been thinking about it quite a bit, while writing my earlier email. 
I will publish a small paper about this next week with a more detailed 
description of a possible implementation, that can then be discussed further. 
I think that together we can come up with a scheme that is much better than 
the current one.

But that's for stage 2 or 3. 
I'll carry on the implementation of the module with what we already have on 
the server now for stage 1.
If we adopt another implementation later, we'll arrange an upgrade path from 
the current implementation.



Because we and the world need to change.
Intimate Relationships, peace and harmony in the couple.
Revolutionary Psychology, White Tantrism, Dream Yoga...
Condorcet, Approval alternative, better voting methods.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]