authorbwarsaw2000-11-09 02:07:01 +0000
committerbwarsaw2000-11-09 02:07:01 +0000
commit04e4663b60e6bc6cf9bdf01d821d00f72be81dff (patch)
tree00a513cc57b13aae8022546ba93397168433b11f /contrib/securelinux_fix.py
parentb88b24fb590206d9a5cbc7e182be3fd6a1d2a292 (diff)
Updated to Marc MERLIN's latest version, which adds setgid() calls.
Minor edits by Barry to the docstring, and fixed one typo (missing parens in an fp.close() call).
Diffstat (limited to 'contrib/securelinux_fix.py')
-rw-r--r--contrib/securelinux_fix.py32
1 files changed, 17 insertions, 15 deletions
diff --git a/contrib/securelinux_fix.py b/contrib/securelinux_fix.py
index fc28b97c4..784bbc6d8 100644
--- a/contrib/securelinux_fix.py
+++ b/contrib/securelinux_fix.py
@@ -16,22 +16,23 @@
# along with this program; if not, write to the Free Software
# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-"""If you use Solar Designer's secure-linux patch, it prevents a process from
-linking (hard link) to a file it doesn't own. As a result mailman has to be
-changed so that the whole tree is owned by mailman, and the CGIs and some of
-the programs in the bin tree (the ones that lock config.db files) are SUID
-mailman.
-The idea is that config.db files have to be owned by the mailman UID and
-only touched by programs that are UID mailman.
+"""Fixes for running Mailman under the `secure-linux' patch.
+
+If you use Solar Designer's secure-linux patch, it prevents a process from
+linking (hard link) to a file it doesn't own. As a result Mailman has to be
+changed so that the whole tree is owned by Mailman, and the CGIs and some of
+the programs in the bin tree (the ones that lock config.db files) are SUID
+Mailman. The idea is that config.db files have to be owned by the mailman UID
+and only touched by programs that are UID mailman.
-If you have to run check_perms -f, make sure to also run %(PROGRAM) -f, which
+If you have to run check_perms -f, make sure to also run %(PROGRAM) -f, which
applies the necessary permission fixes
-As a result, to prevent anyone from running priviledged mailman commands
-(since the scripts are suid), binary commands that are changed to be SUID
-are also unreadable and unrunable by people who aren't in the mailman group.
-This shouldn't affect much since most of those commands would fail work if
-you weren't part of the mailman group anyway.
+As a result, to prevent anyone from running priviledged Mailman commands
+\(since the scripts are suid), binary commands that are changed to be SUID are
+also unreadable and unrunable by people who aren't in the mailman group. This
+shouldn't affect much since most of those commands would fail work if you
+weren't part of the mailman group anyway.
Marc <marcsoft@merlins.org>/<marc_bts@valinux.com> 2000/10/27
"""
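Review bot: `%(PROGRAM) -f` in the re-added docstring line has no conversion character after the mapping key, so if this docstring is %-interpolated for usage output (not visible in this hunk) the ` -f` is parsed as flags plus a float conversion and formatting fails on a string value; it should read `%(PROGRAM)s -f`. The new `\(` at the start of the parenthetical is not a recognised escape, so the backslash stays in the string and will show in any printed help; reflowing the sentence so the parenthesis does not start a line avoids needing it. The rewrapped paragraph also carries over `priviledged`, `unrunable` and `would fail work`, which could be corrected to `privileged`, `unrunnable` and `would fail to work` while the text is being touched.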
@@ -66,17 +67,18 @@ def main(argv):
fp = open(droplib, 'w', 0644)
fp.write("""import sys
import os
-from Mailman.mm_cfg import MAILMAN_UID
+from Mailman.mm_cfg import MAILMAN_UID, MAILMAN_GID
class CheckFixUid:
if os.geteuid() == 0:
+ os.setgid(MAILMAN_GID)
os.setuid(MAILMAN_UID)
if os.geteuid() != MAILMAN_UID:
print "You need to run this script as root or mailman because it was configured to run"
print "on a linux system with the secure-linux patch which restricts hard links"
sys.exit()
""")
- fp.close
+ fp.close()
else:
print "Skipping creation of " + droplib
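Review bot: Root's supplementary groups survive the privilege drop in the generated `CheckFixUid` body, because the root branch now calls `os.setgid(MAILMAN_GID)` and `os.setuid(MAILMAN_UID)` but never clears the group list, so the process keeps root's extra group memberships after switching to mailman. Where the running Python provides it, add `os.setgroups([])` immediately before the `os.setgid(MAILMAN_GID)` line; the setgid-before-setuid order itself is correct. Separately, in the context line `open(droplib, 'w', 0644)` the third argument of `open()` is the buffer size, not a permission mode, so the generated module's permissions are left to the umask; an explicit `os.chmod(droplib, 0644)` after `fp.close()` would pin them, which matters if the SUID scripts import this file. main()'s body starts and ends outside the hunk.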