[Mailman-Users] Mailman in chrooted OpenBSD
Mark Sapiro
msapiro at value.net
Sat Sep 8 03:31:00 CEST 2007
Patrick Valencia wrote:
>
>Matter of fact, when I configure it, the DCGI_GROUP="\"www\"" and so does
>the DMAIL_GROUP. I think it's taking the 67 as a gid and finding the group
>it belongs to.
That's right. See my other reply.
>I'm still not exactly sure how it can't see the gid when it
>goes to run the cgi script I thought it would be able to, especially since
>the set_gid bit is enabled.
See
<http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq06.016.htp>.
The setgid bit sets the effective group, but for security reasons the
wrapper checks the original group by resolving the original gid to a
name and seeing if that name matches what it was told to expect. If it
can't resolve the original gid to a name, it gives the error.
>Would it help if I added a /var/www/etc/group
>file with 67 mapped to 'www'?
If that would allow the wrapper to resolve gid 67 to the name "www",
then yes, that would do it.
--
Mark Sapiro <msapiro at value.net> The highway is for gamblers,
San Francisco Bay Area, California better use your sense - B. Dylan
More information about the Mailman-Users
mailing list