[6214] in Release_7.7_team
Re: relaxing permissions on psutils locker
daemon@ATHENA.MIT.EDU (Mitchell E Berger)
Wed Feb 18 05:11:16 2009
Message-Id: <200902181010.n1IAAWtP000410@byte-me.mit.edu>
To: Alex T Prengel <alexp@MIT.EDU>
cc: Jonathon Weiss <jweiss@MIT.EDU>, release-team@MIT.EDU
In-Reply-To: Your message of "Tue, 17 Feb 2009 14:13:03 EST."
<200902171913.n1HJD3Vc003910@dit.mit.edu>
Date: Wed, 18 Feb 2009 05:10:32 -0500
From: Mitchell E Berger <mitchb@MIT.EDU>
X-Spam-Flag: NO
X-Spam-Score: 0.00
> >The current psutils locker has system:authuser:rl. Does anyone know
> >if there would be a problem with adding mit rl to the ACL
>
> This should be OK provided that the IP ranges stay within MIT (the site in
> the license is defined as "MIT, 77 Mass. Ave., Cambridge, MA"; the license
> dates from 1985).
>
> We should keep the source more restricted (as it is now is OK:
> system:source-access rl, system:release-team all).
Alex,
If there's a real issue with distributing the content to the world
at large, you should know that if we add mit to the ACL, this means
that the MIT webservers will suddenly have access to the files, and
people will be able to download them (from anywhere) via
http://web.mit.edu/psutils. This can be thwarted if we also add
a .htaccess.mit file to tell the webservers not to hand out the files,
of course, and I'm guessing that's the best compromise.
Mitch
