Print

Print


  Because of my role in assisting the computer users at UVM, I support 
keeping the list open. People need information, and the support techs 
are outnumbered hundreds to one. Two points: First, there is 
UVM-specific information publicly accessible about IT specific subjects 
on even more public venues, such as YouTube.  I know this because the 
Helpline techs and I put it there. You can access it from 
http://www.uvm.edu/it/help/allvideos.php#acAndNet and we do take care 
not to expose any security related issues, but still, if one has the 
tech skills to glean info from this sort of content specific video for 
the wrong purposes, well, its there. It will not get one far, since 
ultimately you need a password and the account needs access, and that is 
controlled. Geoff made this point as well: a person with the skills to 
use this info to hack has the skills to hack without this info. I 
believe he said it more eloquently.

Second Point:  Keeping IT DISCUSS posts in email:  I only keep IT 
discuss emails if they strike me as particularly useful for training 
student techs. I do not choose them based on content, but based on the 
degree to which they utilize some quasi-English language that I refer to 
as tech speak.  The point is that as Helpline and CDC technicians, the 
students will often find themselves in the role of translator.


A favorite example of tech speak: (and, IMHO, if you are as fluent in 
this as Sam Hooker, author of this amazing post, well, you don't need IT 
discuss posts to do good or bad.)


Jonathan brings up exactly what I was going to mention:

On 1/12/10 7:39 PM, Jonathan L. Trigaux wrote:
...

> >  sudo chown -R root /Applications/AppNameHere.app
> >  sudo chgrp -R admin /Applications/AppNameHere.app
> >  sudo chmod -R g+w /Applications/AppNameHere.app
...


The '-R' flag causes 'ch*' commands to recurse. He's applied the above
to the enclosing directory, whereas Wes recommended that you descend
into that directory and run 'chmod' on its contents. Now, I don't know
what the whole permissions picture looked like before you started down
this road, but if 'ls -ld /Applications/Oracle\ Calendar' formerly
yielded this:

     drwx-------

no amount of 'chmod a+r *' within that directory would have allowed
non-owners in. In spite of the fact that they now have permission to
read each of its enclosed files, they still had no rights to descend
into that directory and get at them. To wit:

[root@cinghiale ~]$ cd /Applications/Oracle\ Calendar
[root@cinghiale Oracle Calendar]$ ls -l
total 24
-rw-r--r--@ 1 sth  admin  6148 Apr 11  2005 .DS_Store
drwxr-xr-x  8 sth  admin   272 Feb 18  2005 Contents
-rw-r--r--@ 1 sth  admin     0 Jun 15  2005 Oracle Calendar


All very readable by people other than "sth", right? Including this file:

[root@cinghiale Oracle Calendar]$ ls -l Contents/Info.plist
-rw-r--r--@ 1 sth  admin  2588 Nov 28  2005 Contents/Info.plist


But if I give up my root privs and become someone else...

[root@cinghiale Oracle Calendar]$ su -l jackie
[jackie@cinghiale ~]$ file /Applications/Oracle\
Calendar/Contents/Info.plist
/Applications/Oracle Calendar/Contents/Info.plist: cannot open
`/Applications/Oracle Calendar/Contents/Info.plist' (Permission denied)


Why? Because I have no rights to the enclosing directory:

[jackie@cinghiale ~]$ ls -ld /Applications/Oracle\ Calendar
drwx------  5 sth  admin  170 Nov 28  2005 /Applications/Oracle Calendar

So, I fix that...

[root@cinghiale ~]$ chmod go+rx /Applications/Oracle\ Calendar


...and verify...

[root@cinghiale ~]$ ls -ld /Applications/Oracle\ Calendar
drwxr-xr-x@ 5 sth  admin  170 Nov 28  2005 /Applications/Oracle Calendar


...and now:

[jackie@cinghiale ~]$ file /Applications/Oracle\
Calendar/Contents/Info.plist
/Applications/Oracle Calendar/Contents/Info.plist: XML  document text


...success.
END COPY

that just says it all...


Carol Caldwell-Edmonds,
Enterprise Technology Services: Client Services
Manager, UVM Computing Helpline and the Computer Depot Clinic
University of Vermont
[log in to unmask]
avatar by Shannon Edmonds
never take yourself TOO seriously...
artwork by Shannon Edmonds

On 9/15/2010 12:16 PM, Walker Blackwell wrote:
> I am generally uncomfortable with having a list pertaining to internal UVM IT information be publicly accessible. I think it would be different if it were a more general discussion with members outside of UVM taking part. I run many other forums related to wide format printing and these I keep open and searchable so that they can serve as a reference point for outsiders. But I don't think that the users of this group are lemmings that would assume that the IT forum would be uber-secure just because it requires a netid/password to search. Is it possible to give our google appliance htaccess or something of the sort? We have google search internally within UVM but I have no idea how granular those permissions are or weather it even allows private search.
>
> And vis a vis searching one's inbox, I don't know about Thunderbird, but OS X Mail does a live "entire contents" search of the last 3 years of IT Discuss in<  1 second per letter. Preferable to google in my opinion. I can't vouch for other software however.
>
> all the best!
>
> Walker
>
>
>
> On Sep 15, 2010, at 12:01 PM, Ernie Buford wrote:
>
>> On 9/15/2010 11:40 AM, Geoffrey Duke wrote:
>>> With regard to personal email collections, in generally I don't save copies of email messages that I know are retained in an online archive.
>>>
>> Exactly!  Do many subscribers really have their own personal copy of the list archive sitting in their email account?
>>
>> My biggest problem with going private is the primitive search capabilities of Listserv.  If an alternate mechanism existed for searching the archive, that would help.  But I think I'd still vote for an "open" archive rather than a private one (though I'm not strongly opinionated on the issue aside from wishing the archive was more easily navigable).
>>
>> Ernie
> -----------------------------
> Photo Lab Coordinator
> Department of Art and Art History
> University of Vermont
> 72 University Place
> 414 Williams Hall
> Burlington, Vermont 05405
> 802.821.4451
> http://www.uvm.edu/~artdept/photoweb
> aim: greendirtblues
> [log in to unmask]