From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.0.1) Gecko/20021003 Description of problem: <blockquote> Since WEB-INF/resources/enterprise.init contains your database username and password, doesn't it make sense to chmod 0600, $app_home . 'dist/WEB-INF/resources/enterprise.init during configure.pl? People should probably take care of their own system.conf, but shouldn't the default be to keep enterprise.init safe from other users? Or is there an implied assumption that only administrators are going to be on a CCM app server? I guess I'd have to double check what 'chmod' does a Windoze box. Thanks for any comments on this one. - edan </blockquote> Version-Release number of selected component (if applicable): How reproducible: Always Steps to Reproduce: 1.ls -l /var/www/ccm-core/dist/WEB-INF/resources/enterprise.init 2. 3. Additional info:
Since it needs to be readable by the servlet, we must also 'chown' it to the user & group that the servlet runs under. Of course you can only run 'chown' on the file if the user running 'XXX-configure.pl' is 'root'. If they are not root, then I guess we should assume that the servlet will not be running under a dedicated user account & just skip the chown step.
implemented at ccm-scripts 1.3.6 (p4 changelist 33007)