[Bug 1491187] [NEW] mailmanctl check_privs should check effective uid, not real uid
Public bug reported: Situations can arise where mailmanctl is running with an effective uid of 'mailman' and a real uid of 'root'. Such a situation is if logrotate does 'su mailman mailman' to rotate mailman's logs and then invokes 'mailmanctl reopen' in a postrotate script. In this case, mailmanctl gets its real uid which is 'root' and then tries to do os.setgroups, but the effective uid is 'mailman' which doesn't have permission to set groups. ** Affects: mailman Importance: Medium Assignee: Mark Sapiro (msapiro) Status: In Progress -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1491187 Title: mailmanctl check_privs should check effective uid, not real uid To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1491187/+subscriptions
** Branch linked: lp:mailman/2.1 ** Branch linked: lp:~pydotorg/mailman/production21 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1491187 Title: mailmanctl check_privs should check effective uid, not real uid To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1491187/+subscriptions
** Changed in: mailman Status: In Progress => Fix Released ** Changed in: mailman Milestone: 2.1.21 => 2.1.21rc1 -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1491187 Title: mailmanctl check_privs should check effective uid, not real uid To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1491187/+subscriptions
participants (2)
-
Launchpad Bug Tracker -
Mark Sapiro