Conference gyro::internet_toolss

4553.0. "Problem in publishing a document on FASTTRACK " by MLNCSC::ZAGHI () Wed Mar 19 1997 08:11

Hello,

I created an html document by NETSCAPE V3.0 (installed on my 
Digital Unix system) .
After this creation I tried to publish the document on a server with NETSCAPE
FASTTRACK SERVER V2.01 installed . To do this I did the following action :

1) in "NETSCAPE EDITOR" window I opened the file "test.html" by the "Open"
   button

2) at this point I selected the "Publish" button to put the document on the
   server 

3) "NETSCAPE:PUBLISH FILES" window appeared . I filled in the field "Upload
   files to this location (FTP or HTTP)" writing the reference to the server :
   http://bluff.mln.dec.com 
   at the end I selected the "OK" button 

4) "NETSCAPE:FORBIDDEN" window appeared with the following error message :

    ERROR UPLOADING FILES

    The server responded :

    FORBIDDEN

    Your client is not allowed to access the requested object 

After the above actions I did the following check in "admin" of the
NETSCAPE FASTTRACK SERVER (on the node bluff.mln.dec.com) :

1) in "CONTENT MANAGEMENT" menu I selected "REMOTE FILE MANIPULATION" . I could
   see that at the question "Activate file manipulation command?", "yes" was 
   selected 

2) in "ACCESS CONTROL" menu I selected "RESTRICT ACCESS" . Here I could see that
   READ and WRITE access were ALLOW on the "entire server"

So , from the point of view of NETSCAPE FASTTRACK SERVER I could put an html
document from a client to the server.

The two ways that I found to by-pass the problem were the following:

1) changing from "Nobody" to "root" the field "User" in the page "View server
   settings" that I colud find in the "SYSTEM SETTING" item menu of the
   NETSCAPE FASTTRACK SERVER "admin" page.

2) changing the protections at /usr/ns-home/docs directory with the command
   
   #chmod 777 /usr/ns-home/docs 

    The original protections on this directory were :
    # 22859 drwxr-xr-x   2 root     daemon      8192 Mar 19 11:39 docs
    after the above command protections were 
    # 22859 drwxrwxrwx   2 root     daemon      8192 Mar 19 11:39 docs

    in this way any user can write in this directory


But I'd like to know if the above actions are correct or if exist a recommended 
philosophy to configure the NETSCAPE FASTTRACK SERVER to allow a "publish"
action from the clients.

Many thanks in advance 

Regards

Paolo 
(CSC , Milan)    
    

re Note 4553.0 by MLNCSC::ZAGHI:

> The two ways that I found to by-pass the problem were the following:
> 
> 1) changing from "Nobody" to "root" the field "User" in the page "View server
>    settings" that I colud find in the "SYSTEM SETTING" item menu of the
>    NETSCAPE FASTTRACK SERVER "admin" page.
> 
> 2) changing the protections at /usr/ns-home/docs directory with the command
>    
>    #chmod 777 /usr/ns-home/docs 
> 
>     The original protections on this directory were :
>     # 22859 drwxr-xr-x   2 root     daemon      8192 Mar 19 11:39 docs
>     after the above command protections were 
>     # 22859 drwxrwxrwx   2 root     daemon      8192 Mar 19 11:39 docs
> 
>     in this way any user can write in this directory

        Clearly, regardless of its configuration settings (and yours
        seem to be correct for access and remote file manipulation),
        the server cannot write into a directory to which its user
        has no write access.

        As you saw, you could change this either by changing the user
        (but changing it to "root" is definitely not recommended) or
        by allowing anybody to write in the directory.  A better
        variation on that latter approach is to change the owner or
        group of the directory to match the non-privileged user
        under which the server is running, so that only the owner, or
        at most the group, has write access (and not the world).

        Bob