New subject: [Bug 1491187] Re: mailmanctl check_privs should check effective uid, not real uid

2 Sep 2015


      Public bug reported:
Situations can arise where mailmanctl is running with an effective uid
of 'mailman' and a real uid of 'root'. Such a situation is if logrotate
does 'su mailman mailman' to rotate mailman's logs and then invokes
'mailmanctl reopen' in a postrotate script.
In this case, mailmanctl gets its real uid which is 'root' and then
tries to do os.setgroups, but the effective uid is 'mailman' which
doesn't have permission to set groups.
** Affects: mailman
     Importance: Medium
     Assignee: Mark Sapiro (msapiro)
         Status: In Progress
-- 
You received this bug notification because you are a member of Mailman
Coders, which is subscribed to GNU Mailman.
https://bugs.launchpad.net/bugs/1491187

Title:
  mailmanctl check_privs should check effective uid, not real uid

To manage notifications about this bug go to:
https://bugs.launchpad.net/mailman/+bug/1491187/+subscriptions

[Bug 1491187] [NEW] mailmanctl check_privs should check effective uid, not real uid

Mark Sapiro

Launchpad Bug Tracker

Mark Sapiro

tags (0)

participants (2)