Diffstat (limited to 'contrib')
| -rw-r--r-- | contrib/README.securelinux_fix | 12 | ||||
| -rw-r--r-- | contrib/securelinux_fix.py | 134 |
2 files changed, 0 insertions, 146 deletions
diff --git a/contrib/README.securelinux_fix b/contrib/README.securelinux_fix
deleted file mode 100644
index 2998856f8..000000000
--- a/contrib/README.securelinux_fix
+++ /dev/null
@@ -1,12 +0,0 @@
-The securelinux_fix.py script, if copied in your installed
-~mailman/bin/ directory and run from there will modify permissions of
-files so that Mailman works despite the securelinux (aka openwall)
-symbolic and hard link restrictions.
-
-The way it works is that it makes sure that the UID of any script that
-touches config.db is `mailman'. What this means however is that
-scripts in ~mailman/bin will now only work if run as user mailman or
-root (the script then changes its UID and GID to mailman).
-
-Enjoy
-Marc MERLIN <marcsoft@merlins.org>/<marc_bts@valinux.com>
diff --git a/contrib/securelinux_fix.py b/contrib/securelinux_fix.py
deleted file mode 100644
index bf6307f92..000000000
--- a/contrib/securelinux_fix.py
+++ /dev/null
@@ -1,134 +0,0 @@
-#! @PYTHON@
-#
-# Copyright (C) 1998,1999,2000,2001 by the Free Software Foundation, Inc.
-#
-# This program is free software; you can redistribute it and/or
-# modify it under the terms of the GNU General Public License
-# as published by the Free Software Foundation; either version 2
-# of the License, or (at your option) any later version.
-#
-# This program is distributed in the hope that it will be useful,
-# but WITHOUT ANY WARRANTY; without even the implied warranty of
-# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
-# GNU General Public License for more details.
-#
-# You should have received a copy of the GNU General Public License
-# along with this program; if not, write to the Free Software
-# Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111-1307, USA.
-
-"""Fixes for running Mailman under the `secure-linux' patch.
-
-If you use Solar Designer's secure-linux patch, it prevents a process from
-linking (hard link) to a file it doesn't own. As a result Mailman has to be
-changed so that the whole tree is owned by Mailman, and the CGIs and some of
-the programs in the bin tree (the ones that lock config.pck files) are SUID
-Mailman. The idea is that config.pck files have to be owned by the mailman
-UID and only touched by programs that are UID mailman.
-
-If you have to run check_perms -f, make sure to also run securelinux_fix.py
--f, which applies the necessary permission fixes.
-
-As a result, to prevent anyone from running privileged Mailman commands (since
-the scripts are suid), binary commands that are changed to be SUID are also
-unreadable and unrunnable by people who aren't in the mailman group. This
-shouldn't affect much since most of those commands would fail work if you
-weren't part of the mailman group anyway.
- -Marc <marcsoft@merlins.org>/<marc_bts@valinux.com> 2000/10/27 -""" - -import sys -import os -import paths -import re -import glob -from Mailman import mm_cfg -from Mailman.mm_cfg import MAILMAN_UID, MAILMAN_GID -from stat import * - -# Those are the programs that we patch so that they insist being run under the -# mailman uid or as root. -binfilestopatch= ( 'add_members', 'check_db', 'clone_member', - 'config_list', 'move_list', 'newlist', 'remove_members', 'rmlist', - 'sync_members', 'update', 'withlist' ) - -def main(argv): - binpath = paths.prefix + '/bin/' - droplib = binpath + 'CheckFixUid.py' - - if len(argv) < 2 or argv[1] != "-f": - print __doc__ - sys.exit(1) - - if not os.path.exists(droplib): - print "Creating " + droplib - fp = open(droplib, 'w', 0644) - fp.write("""import sys -import os -from Mailman.mm_cfg import MAILMAN_UID, MAILMAN_GID - -class CheckFixUid: - if os.geteuid() == 0: - os.setgid(MAILMAN_GID) - os.setuid(MAILMAN_UID) - if os.geteuid() != MAILMAN_UID: - print "You need to run this script as root or mailman because it was configured to run" - print "on a linux system with the secure-linux patch which restricts hard links" - sys.exit() -""") - fp.close() - else: - print "Skipping creation of " + droplib - - - print "\nMaking cgis setuid mailman" - cgis = glob.glob(paths.prefix + '/cgi-bin/*') - - for file in cgis: - print file - os.chown(file, MAILMAN_UID, MAILMAN_GID) - os.chmod(file, 06755) - - print "\nMaking mail wrapper setuid mailman" - os.chown(paths.prefix + '/mail/wrapper', MAILMAN_UID, MAILMAN_GID) - os.chmod(paths.prefix + '/mail/wrapper', 06755) - - print "\nEnsuring that all config.pck files are owned by Mailman" - cdbs = glob.glob(paths.prefix + '/lists/*/config.pck*') - - for file in cdbs: - stat = os.stat(file) - if (stat[ST_UID] != MAILMAN_UID or stat[ST_GID] != MAILMAN_GID): - print file - os.chown(file, MAILMAN_UID, MAILMAN_GID) - - print "\nPatching mailman scripts to change the uid to mailman" - - for script in 
binfilestopatch: - filefd = open(script, "r") - file = filefd.readlines() - filefd.close() - - patched = 0 - try: - file.index("import CheckFixUid\n") - print "Not patching " + script + ", already patched" - except ValueError: - file.insert(file.index("import paths\n")+1, "import CheckFixUid\n") - for i in range(len(file)-1, 0, -1): - object=re.compile("^([ ]*)main\(").search(file[i]) - if object: - print "Patching " + script - file.insert(i, - object.group(1) + "CheckFixUid.CheckFixUid()\n") - patched=1 - break - - if patched==0: - print "Warning, file "+script+" couldn't be patched." - print "If you use it, mailman may not function properly" - else: - filefd=open(script, "w") - filefd.writelines(file) - -main(sys.argv) |
