[Mailman-Developers] Security

[J C Lawrence]

Barry,

A week or so ago (right about the time I dissappeared) I had a drive
die on the system I run Mailman from.  I thought replacing the drive
and restoring its contents from backups would be enough.  It wasn't.
It turns out that in dieing several other filesystems were corrupted
in various odd and inelegant fashions (encluding both my tripwire DB
and its backup sod it).

This has left me in an odd position:

  If I post to a specific list, or approve a held post for that
list, there is an 80% chance that this will crash the machine
(compleat lock, no interrupts, no useful log entries.

  This is reproducable.  I've done it a great many times -- enough
to wish I had a watchdog card in that machine.  Its also rather
scary -- Mailman is running as a non-privileged user after all.

As part of the recovery I've re-installed every single binary on the
entire system (encluding Python et al).  The one thing I haven't
reinstalled is Mailman (v1.1).  I also haven't dissembled or rebuilt
the config.db's for the crashing lists.

Interested in the relevant files?  I'll be saving everything off (of
course), but I doubt I'll have time in the near future to disect
this.

-- 
J C Lawrence                                 Home: claw@kanga.nu
---------(*)                               Other: coder@kanga.nu
http://www.kanga.nu/~claw/        Keys etc: finger claw@kanga.nu
--=| A man is as sane as he is dangerous to his environment |=--