The debian-private mailing list leak, part 1. Volunteers have complained about Blackmail. Lynchings. Character assassination. Defamation. Cyberbullying. Volunteers who gave many years of their lives are picked out at random for cruel social experiments. The former DPL's girlfriend Molly de Blanc is given volunteers to experiment on for her crazy talks. These volunteers never consented to be used like lab rats. We don't either. debian-private can no longer be a safe space for the cabal. Let these monsters have nowhere to hide. Volunteers are not disposable. We stand with the victims.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: WebStandard 3.0 Proposal

To: debian-private@lists.debian.org
Subject: Re: WebStandard 3.0 Proposal
From: Jean Pierre LeJacq <jplejacq@quoininc.com>
Date: Sun, 19 Jan 1997 23:33:01 -0500 (EST)
Cc: debian-private@lists.debian.org
Importance: low
In-reply-to: <Pine.LNX.3.95.970119182541.27339A-100000@waterf.org>
Priority: non-urgent
Reply-to: Jean Pierre LeJacq <jplejacq@quoininc.com>
Resent-from: debian-private@lists.debian.org
Resent-message-id: <"p7VWc.0.0o3.ALluo"@master.debian.org>
Resent-reply-to: debian-private@lists.debian.org
Resent-sender: debian-private-request@lists.debian.org

On Sun, 19 Jan 1997, Christoph Lameter wrote:

> Here again a repeat of the proposal:
> 
> 1. Packages install cgi-bin scripts / executables as
> 
> /usr/lib/cgi-bin/x
> 
> which the webserver makes accessible via URL http://localhost/cgi-bin/x
> by whatever means available.
> 
> The webserver / sysadmin does not need to have the cgi-bin pointed
> to that location but might instead choose arbitrary methods to
> increase security accessing those executable scripts.
> 
> 2. Package documentation is installed in /usr/doc/package/somename.html
> as per our policies and is accessible as
> 
> http://localhost/doc/package/somename.html
> 
> Again it is irrelevant how the webserver makes these files accessible.
> In the simplest case this could be done with a symlink or a alias in the
> webserver configuration file.
> 
> By the way please change the policy to allow uncompressed .html code
> in /usr/doc/package/*.html.

I didn't find these issues to be a problem when implementing the
WebStandard 2.3.  What is a problem for the wn server is considering
/usr/doc to be read-only.  This is due to the fact that wn requires a
database file, index and index.cache, to allow access in each directory
served. 

The brute force approach I've tried out is replicate the directory
hierarchy under the root directory of wn.  I then added an entry for each
file from the /usr/doc hierarchy into the appropriate directory's index
and create index.cache using a wn utility.  The index.cache file provides
links to the actual files to be served.  I plan on keeping the two
hierarchies in sync with a cron entry. 

I considered using a CGI script, per Bruce's suggestion, but don't see how
to intercept something like

   http://localhost/doc/package/package_subdir/something.html

without creating the directory hierarchy anyway.

wn might also cause problems with the cgi scripts if authentication is
enabled or certain types of access control are enabled.  Basically the
scripts have to be owned by certain users or groups.  Still investigating
this.

--- Jean Pierre

--
Please respect the confidentiality of material on the debian-private list.
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-private-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

References:
- WebStandard 3.0 Proposal
  - From: Christoph Lameter <clameter@waterf.org>

Prev by Date: Re: official CD business
Next by Date: Re: WebStandard 3.0 Proposal
Previous by thread: WebStandard 3.0 Proposal
Next by thread: Re: WebStandard 3.0 Proposal
Index(es):
- Date
- Thread