[Mailman-Developers] [Mailman-Users] Permission of data/bounce-events-?????.pck

Thu Feb 2 08:31:47 CET 2006

    I could use a little explanation on this issue.

    I was checking my system for world-writable files, and found lots of
data/bounce-events-?????.pck that are world-writable:

imacat at rinse ~ % ls -lt /var/lib/mailman/data | grep 'rw. '
-rw-rw-rw-  1 list list       0 2006-01-31 01:26 bounce-events-02258.pck
-rw-rw-rw-  1 list list    4786 2005-12-26 17:36 bounce-events-26086.pck
...
imacat at rinse ~ %

    I felt weird, so I looked into the mailman 2.1.7 source, and found
such lines in bin/mailmanctl:

line 421-422
        # Clear our file mode creation umask
        os.umask(0)

    I checked the umask when running the init script (copied from
scripts/mailman) on boot, inserted "touch /var/tmp/mailman.umask.test"
and reboot.  The result is sane, but a new world-writable
bounce-events-?????.pck was created altogeter.  Apparently
bin/mailmanctl did not inherit the umask from its parent init script:

imacat at rinse ~ % ls -l /var/tmp/mailman.umask.test
-rw-r--r--  1 root root 0 2006-02-02 02:52 /var/tmp/mailman.umask.test
imacat at rinse ~ % ls -l /var/lib/mailman/data/bounce-events-*.pck
-rw-rw-rw-  1 list list 0 2006-02-02 02:41 /var/lib/mailman/data/bounce-events-02211.pck
imacat at rinse ~ %

    I searched the archive.  I know that these long-gone
data/bouce-events-?????.pck can be safely removed.  But I'm a little
worried about this "world-writable" thing.  Is it intended?  Mark told
me these files are safe.  That's fine.  But I still find it confusing:

     1. Even if they are safe, it'll still create confusion when someone
tries to dump them for debugging purpose, if tempered.

     2. Even if they are safe, will other files created by
bin/mailmanctl, may be accidently, be world-writable, too?

     3. Will other processes raised by bin/mailmanctl, may be accidently,
inherit this umask and create world-writable files on surprise, too?

     4. Finally, is that necessary to clear the umask to 0?

    I'm not quite familiar with python, so forgive me if I didn't send any
patch on this.  It may not be appropriate, either, for the whole umask
operation seems to be quite complicated in bin/mailmanctl and an
improper patch may ruin it.

On Wed, 1 Feb 2006 14:13:25 -0800
Mark Sapiro <msapiro at value.net> wrote:
> imacat wrote:
> >    I noted that in the source of mailman 2.1.7 there are 2 lines in
> >bin/mailmanctl:
> >
> >line 421-422
> >        # Clear our file mode creation umask
> >        os.umask(0)
> >
> >    Is this intended?  Is it the reason why data/bounce-events-?????.pck
> >are world-writable?
> 
> It looks like you're right. I don't know if there is/was a good reason
> or not. I'm cross posting this reply to Mailman-Developers. Maybe
> someone there knows the reason for this.
> 
> Note that many places in the Mailman code, umask is saved and set for a
> particular purpose and then restored, but BounceRunner doesn't do this
> when creating the bounce-events-*.pck. I don't know why.


--
Best regards,
imacat ^_*' <imacat at mail.imacat.idv.tw>
PGP Key: http://www.imacat.idv.tw/me/pgpkey.txt

<<Woman's Voice>> News: http://www.wov.idv.tw/
Tavern IMACAT's: http://www.imacat.idv.tw/
TLUG List Manager: http://lists.linux.org.tw/cgi-bin/mailman/listinfo/tlug
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://mail.python.org/pipermail/mailman-developers/attachments/20060202/8cbbb9af/attachment.pgp