diff options
| author | bwarsaw | 2000-11-09 02:07:01 +0000 |
|---|---|---|
| committer | bwarsaw | 2000-11-09 02:07:01 +0000 |
| commit | 04e4663b60e6bc6cf9bdf01d821d00f72be81dff (patch) | |
| tree | 00a513cc57b13aae8022546ba93397168433b11f /contrib | |
| parent | b88b24fb590206d9a5cbc7e182be3fd6a1d2a292 (diff) | |
| download | mailman-04e4663b60e6bc6cf9bdf01d821d00f72be81dff.tar.gz mailman-04e4663b60e6bc6cf9bdf01d821d00f72be81dff.tar.zst mailman-04e4663b60e6bc6cf9bdf01d821d00f72be81dff.zip | |
Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/securelinux_fix.py | 32 |
1 files changed, 17 insertions, 15 deletions
diff --git a/contrib/securelinux_fix.py b/contrib/securelinux_fix.py index fc28b97c4..784bbc6d8 100644 --- a/contrib/securelinux_fix.py +++ b/contrib/securelinux_fix.py @@ -16,22 +16,23 @@ # along with this program; if not, write to the Free Software # Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA. -"""If you use Solar Designer's secure-linux patch, it prevents a process from -linking (hard link) to a file it doesn't own. As a result mailman has to be -changed so that the whole tree is owned by mailman, and the CGIs and some of -the programs in the bin tree (the ones that lock config.db files) are SUID -mailman. -The idea is that config.db files have to be owned by the mailman UID and -only touched by programs that are UID mailman. +"""Fixes for running Mailman under the `secure-linux' patch. + +If you use Solar Designer's secure-linux patch, it prevents a process from +linking (hard link) to a file it doesn't own. As a result Mailman has to be +changed so that the whole tree is owned by Mailman, and the CGIs and some of +the programs in the bin tree (the ones that lock config.db files) are SUID +Mailman. The idea is that config.db files have to be owned by the mailman UID +and only touched by programs that are UID mailman. -If you have to run check_perms -f, make sure to also run %(PROGRAM) -f, which +If you have to run check_perms -f, make sure to also run %(PROGRAM) -f, which applies the necessary permission fixes -As a result, to prevent anyone from running priviledged mailman commands -(since the scripts are suid), binary commands that are changed to be SUID -are also unreadable and unrunable by people who aren't in the mailman group. -This shouldn't affect much since most of those commands would fail work if -you weren't part of the mailman group anyway. +As a result, to prevent anyone from running priviledged Mailman commands +\(since the scripts are suid), binary commands that are changed to be SUID are +also unreadable and unrunable by people who aren't in the mailman group. This +shouldn't affect much since most of those commands would fail work if you +weren't part of the mailman group anyway. Marc <marcsoft@merlins.org>/<marc_bts@valinux.com> 2000/10/27 """ @@ -66,17 +67,18 @@ def main(argv): fp = open(droplib, 'w', 0644) fp.write("""import sys import os -from Mailman.mm_cfg import MAILMAN_UID +from Mailman.mm_cfg import MAILMAN_UID, MAILMAN_GID class CheckFixUid: if os.geteuid() == 0: + os.setgid(MAILMAN_GID) os.setuid(MAILMAN_UID) if os.geteuid() != MAILMAN_UID: print "You need to run this script as root or mailman because it was configured to run" print "on a linux system with the secure-linux patch which restricts hard links" sys.exit() """) - fp.close + fp.close() else: print "Skipping creation of " + droplib |