[Mailman-Users] Help with Mailman and Sendmail
Mark Sapiro
msapiro at value.net
Mon Dec 4 06:49:23 CET 2006
David Abrahams wrote:
>
>Pardon me, but isn't the GID with which to execute cgi scripts? Or
>are you saying that mailman's CGI scripts need to execute with the
>same GID as sendmail? If so, why?
Mailman's CGI scripts must run as group 'mailman' (or whatever is
specified as the mailman group). Therefore, the wrappers are in the
mailman group and SETGID.
For security reasons (to prevent anyone from running a wrapper), the
wrappers check to be sure the original group of the caller was the
expected group. It's this expected GID that is set via the
--with-cgi-gid option to configure, but as you note, you are
installing a packaged Mailman (a FreeBSD port) so this really doesn't
apply, at least if the packager set it up right.
See
<http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq06.016.htp>
--
Mark Sapiro <msapiro at value.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list