Hi Developers,
There is a rumor that mailman security check is not proper and recommending patch to void our security check. Can someone write a refutation to this article? (In a fluent English of course ;-)
-------- Original Message -------- Subject: [ mailman-Bugs-1188133 ] CGI group id not properly tested Date: Fri, 22 Apr 2005 07:58:37 -0700 From: SourceForge.net noreply@sourceforge.net Reply-To: mailman-developers@python.org To: noreply@sourceforge.net
Bugs item #1188133, was opened at 2005-04-22 15:58 Message generated for change (Tracker Item Submitted) made by Item Submitter You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=100103&aid=1188133&group_id=103
Category: Web/CGI Group: 2.1 (stable) Status: Open Resolution: None Priority: 5 Submitted By: Graham Klyne (grahamk) Assigned to: Nobody/Anonymous (nobody) Summary: CGI group id not properly tested
Initial Comment: [I tried to send this to mailman-developers, but my message was discarded]
I've just downloaded and installed the latest mailman 2.1.6rc1 and encountered a CGI permissions problem (running with Apache 2.0 on Scientific Linux 3.04), for which a patch is described in: http://minaret.biz/tips/mailman.html
(briefly, replace getgid with getegid in common.c)
Applying this patch resolves the problem I was experiencing.
Is there any reason this isn't applied in the mailman distribution?
#g
You can respond by visiting: https://sourceforge.net/tracker/?func=detail&atid=100103&aid=1188133&group_id=103
Mailman-coders mailing list Mailman-coders@python.org http://mail.python.org/mailman/listinfo/mailman-coders
-- Tokio Kikuchi, tkikuchi@ is.kochi-u.ac.jp http://weather.is.kochi-u.ac.jp/