/var/lib/sympa/static_content is not world readable

Bug #256028 reported by Knut Auvor Grythe
Affects: sympa (Ubuntu)
Status: Fix Committed
Importance: Undecided
Assigned to: Unassigned

Bug Description

Binary package hint: sympa

The files under /var/lib/sympa/static_content are only readable by the sympa user. I see no reason why content meant to be displayed on the web should be restricted to a specific user, and it also causes a bit of pain.

By default, wwsympa.fcgi and sympa_soap_server.fcgi run as the sympa user, but the web server runs as www-data. This works pretty well, except that you get a 404 on all CSS. Running the web server as the sympa user is indeed possible, but it is not very convenient when running multiple web services on the same machine. I therefore propose that the CSS files in /var/lib/sympa/static_content are made world readable, so apache can reach them no matter what user it is running as.

Now, let's look at the technicalities. The following is run by the sympa postinst script (prefixed by line numbers):

337 chown -R sympa.sympa /var/spool/sympa/wws* /var/lib/sympa/wws* /var/lib/sympa/static_content*
338 chmod -R ug=rwX,o=X /var/spool/sympa/wws* /var/lib/sympa/wws* /var/lib/sympa/static_content*

In /usr/lib/cgi-bin/sympa/wwsympa.fcgi, the following code is found (prefixed by line numbers):

 4975 sub do_skinsedit {
[...]
 5005 foreach my $css ('style.css','print.css','fullPage.css','print-preview.css') {
[...]
 5040 ## Make the CSS readable to anyone
 5041 chmod 0775, "$dir/$css";
 5042 }

This leads me to believe that this would have worked had it not been for the chmodding in the postinst script (although setting the execute bit on a CSS file also seems a bit odd, if you ask me). Running do_skinsedit after installation would probably make the files world readable again, but I have not figured out how to make sympa call this function yet. And even if that worked, an upgrade or reinstall of the sympa package would chmod the files back to ug=rwX,o=X.

Changed in sympa (Ubuntu):
status: New → Fix Committed
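
Added example (not part of the bug report or the sympa package): a shell check that reproduces the effect of the postinst mode spec ug=rwX,o=X on a constructed copy of the CSS tree and lists what a web server running as another user cannot read. The function names, the temporary tree and the o=rX spec used for comparison are assumptions; the committed fix is not shown on this page.

```shell
#!/bin/sh
# Added example: audit a static-content tree for entries that a process
# outside the owning user/group (e.g. www-data) cannot read or traverse.

# Print every file lacking o+r (004) and every directory lacking o+rx (005).
audit_world_readable() {
    find "$1" \( -type f ! -perm -004 \) -o \( -type d ! -perm -005 \)
}

# Build a constructed tree, apply mode spec $1 recursively the way the
# postinst script does, and print how many entries fail the audit.
count_blocked_after() {
    spec=$1
    tmp=$(mktemp -d) || return 1
    mkdir -p "$tmp/static_content/css"
    for css in style.css print.css fullPage.css print-preview.css; do
        : > "$tmp/static_content/css/$css"
        # Same mode do_skinsedit sets in wwsympa.fcgi.
        chmod 0775 "$tmp/static_content/css/$css"
    done
    chmod -R "$spec" "$tmp/static_content"
    audit_world_readable "$tmp/static_content" | wc -l | tr -d ' '
    rm -rf "$tmp"
}

# Constructed demonstration: the postinst spec against an assumed
# alternative that keeps read access for "other".
echo "blocked after ug=rwX,o=X:  $(count_blocked_after 'ug=rwX,o=X')"
echo "blocked after ug=rwX,o=rX: $(count_blocked_after 'ug=rwX,o=rX')"
```

On a real installation, audit_world_readable /var/lib/sympa/static_content lists the affected paths directly; an empty result means nothing under the tree is blocked by its own mode bits.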