Re: Bug#485562: twiki: configure script access badly protected

[Olivier Berger <olivier.berger@it-sudparis.eu>]

Le vendredi 27 juin 2008 à 15:18 +0100, Justin B Rye a écrit :

> > Template: twiki/configuser
> > Type: string
> > Default: configuser
> > #flag:comment:2
> > # Translators, do not translate "'configure'" script's name
> > _Description: Apache user allowed access to 'configure' script
>                 ^^^^^^
> >  Please enter the username of the admin user who will be allowed to
>                                     ^^^^^
> >  run the configure script at ${site}/cgi-bin/configure.
> > 
> > Template: twiki/configpassword
> > Type: password
> > #flag:comment:2
> > # Translators, do not translate "site" and "configuser" in the variables
> > _Description: Password for ${configuser}:
> >  Please enter the password of the apache user who will be allowed to
>                                     ^^^^^^
> >  run the configure script at ${site}/cgi-bin/configure.
> 
> Is this apparent inconsistency intentional?  By "Apache user" I
> assume it means what I'd have called a "TWiki account"...?

No. My mistake. Thanks for pointing it out.

*Should be "apache" in all three.*

By "apache user", I mean something which relates to Require user in the
apache.conf section of the 'configure' script... of course, this assumes
that it's running apache and no other web server ;)

In any case, that's meant to differenciate from "TWiki users", which are
managed "inside twiki".

Best regards,

P.S.: will 10 days be enough ? ;)
-- 
Olivier BERGER <olivier.berger@it-sudparis.eu>
http://www-public.it-sudparis.eu/~berger_o/ - OpenPGP-Id: 1024D/6B829EEC
Ingénieur Recherche - Dept INF
Institut TELECOM, SudParis (http://www.it-sudparis.eu/), Evry (France)