Bugs item #777444, was opened at 2003-07-25 10:02 Message generated for change (Comment added) made by ppsys You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=100103&aid=777444&group_id=103 Category: security/privacy Group: 2.1 (stable) Status: Open Resolution: None Priority: 5 Submitted By: Richard Barrett (ppsys) Assigned to: Nobody/Anonymous (nobody) Summary: mailmanctl doesn't setgroups when run as root Initial Comment: When mailmanctl is executed as root the checkprivs function performs setgid and setuid to reduce the process privileges. But mailmanctl fails to set the supplemental groups of the process to those of the setuid'ed user, effectively leaving the processes with the same group privileges as root and, potentially, without the group privileges of the setuid'ed user. This patch uses os.setgroups() to fix that. Problem definition and solution by Jonas Meurer. I'm just filing the bug fix for him. Apply the patch from within the Mailman build directory with: patch -p1 < path-to-patch-file ----------------------------------------------------------------------

Comment By: Richard Barrett (ppsys) Date: 2003-09-30 20:45

Message: Logged In: YES user_id=75166 grpsec-2.1.3-0.1.patch is a MM 2.1.3 compatible version of the patch ---------------------------------------------------------------------- You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=100103&aid=777444&group_id=103