[Mailman-Users] Re: suEXEC & Mailman

Ian Jackson ijackson at chiark.greenend.org.uk
Thu May 10 12:33:16 CEST 2001


Kyrian writes ("[Mailman-Users] Re: suEXEC & Mailman"):
> Because I was using suexec to run mailman's CGI's, and not running the
> entire webserver as the required UID/GID, they were failing with (500?)
> Server Errors, and not putting anything into the standard httpd error
> log files.
...
> All of which require recompilation of the suexec binary,
...
> Anyway, to Tauren's specific idea... I don't think it's exactly possible
> without having a full, custom-compiled mailman implementation, set up to
> run as the same UID as the client's virtual hosts already run under.
...
> Alternatively, you could (although this would mean mailman still runs as
> mailman:mailman, but it would work) compile up some wrapper executables
> for all of the mailman CGI's which are suid to mailman:mailman, within
> the virtual host for each of your clients, and put them in each client's
> cgi directories.

At this point I think I should plug GNU userv (pron. `you-serve').
It is, according to the documentation:
     a Unix system facility to allow one program to invoke another
     when only limited trust exists between them.

One of the things it's good for is avoiding having to compile up
setuid wrapper programs (and get all the resulting security problems).
You could almost certainly use it to solve your problem above, with
just a simple bit of configuration in /etc/userv.

It's GPL'd and available from GNU mirrors, or from my website at
 http://www.chiark.greenend.org.uk/~ian/userv/ 

Disclaimer: I've not tried applying userv to Mailman's security
situation.  I've been wanting to ditch the setuid wrapper that comes
with the Debian install that I've been using, but haven't had time to
sort it out.

Ian.



