[ mailman-Bugs-777444 ] mailmanctl doesn't setgroups when run as root

SourceForge.net noreply at sourceforge.net
Fri Jul 25 04:02:38 EDT 2003


Bugs item #777444, was opened at 2003-07-25 10:02
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=777444&group_id=103

Category: security/privacy
Group: 2.1 (stable)
Status: Open
Resolution: None
Priority: 5
Submitted By: Richard Barrett (ppsys)
Assigned to: Nobody/Anonymous (nobody)
Summary: mailmanctl doesn't setgroups when run as root

Initial Comment:
When mailmanctl is executed as root the checkprivs
function performs setgid and setuid to reduce the
process privileges.

But mailmanctl fails to set the supplemental groups of
the process to those of the setuid'ed user, effectively
leaving the
processes with the same group privileges as root and,
potentially, without the group privileges of the
setuid'ed user.

This patch uses os.setgroups() to fix that.

Problem definition and solution by Jonas Meurer.

I'm just filing the bug fix for him.

Apply the patch from within the Mailman build directory
with:

patch -p1 < path-to-patch-file

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=777444&group_id=103



More information about the Mailman-coders mailing list