From david@cs.dal.caWed Feb 7 14:24:29 1996 Date: Wed, 7 Feb 1996 11:28:15 -0400 From: David TruemanTo: CCN Technical Committee Subject: partial security model We should at some point write a document explaining the security model employd by CSuite. The following is a first contribution toward one aspect: httpd runs as user http and group http private data is stored in directories accessable by http (user or group) but with a .htaccess file and without world read capability various CGI programs (run as http) access private data, but the program itself takes responsibility to ensure that users can only access the subset of private data that they have a need and right to know (using REMOTE_HOST and REMOTE_IDENT -- right now REMOTE_IDENT is only trusted on the localhost) utility programs stored in lib directories may not individually check for access authority, but they are only called from carefully written CGI programs and they only have access when called by http or root As a corrollary, I have deleted cgi-lib from the httpd configuration as a CGI directory and will delete cgi-rlib as soon as I can be sure I won't break too much. David Trueman, Systems Manager, Dalhousie Math, Stats and Computing Science Co-Chair, Metro*CAN Society running Chebucto Community Net