[Mailman-Users] Creating New List via Web Interface
christopher at schulte.org
Fri Sep 17 21:56:52 CEST 1999
At 10:51 AM 9/17/99 -0700, you wrote:
>> It also presents an entire new set of security concerns. With
>> sendmail, updating the aliases file is not enough, you also *as
>> root* have to run 'newaliases'. Mailman's great as it doesn't run
>> as root (or doesn't have to, anyway). That is a great option.
Agreed 100% no doubt.
>True, tho this could be sidestpped by having a cronjob that
>periodically checked the timestamp on the aliases file and then ran
>newaliases (on any other command an MTA needed) as needed. The web
>interface would then mere contain something like, "Your new list has
>been created and will become active (capable of receiving mail)
>within the next NNN minutes."
>Its certainly not an elegant solution.
It may not be "elegant" but I really like this idea much more than having
any mailman binaries suid root. The suid bit is not something that should
be given lightly to ANY program.
I've not looked into the sendmail option to refresh the alias database as
needed. Does this require that sendmail be run as a daemon? If so then
you can forget the many people who use a third party smtp daemon which
passes messages to sendmail directly rather than having it sit on port 25
itself... and thus taking another suid program away from possible abuse.
>J C Lawrence Life: http://www.kanga.nu/ Home: claw at kanga.nu
>---------(*) Work (Linux/IA64): claw at varesearch.com
> ... Beware of cromagnons wearing chewing gum and palm pilots ...
NAME: Christopher Schulte
MAIL: christopher at schulte.org
FINGER: christopher at shell.schulte.org
The magic of cheese pizza should never be underestimated.
More information about the Mailman-Users