[Mailman-Users] Everything's a bug?

Chuck Dale bug at aphid.net
Sun Aug 13 07:39:24 CEST 2000

Wrote Virginia Beauregard on Sat, Aug 12, 2000 at 05:36:44PM -0400:
> On Fri, 11 Aug 2000, Jeme A Brelin wrote:
> > I do have suexec enabled.  I'm a bit concerned because this makes all cgi
> > run as the user that owns it (rather than the webserver user).  The
> > INSTALL file specifically warns against running some things with the
> > mailman GID.  Unfortunately I need suexec.  Are they incompatible?
> I do not believe suEXEC and Mailman are compatible with the initial
> installation of Mailman. Why?  Double check the suEXEC security model,
> (1) 	13.Is the directory within the Apache webspace? 

I set --suexec-docroot to /home and do everything from there, because
that's where all my virtual host document roots were and I couldn't
handle moving them all to something more secure.. Luckily this meant
mailman fine in /home/mailman.

> (2)	14.Is the directory NOT writable by anyone else? 
> 	This is fundamentally incompatible with the default Mailman
> 	installation:
> 	$ ls -ld /data/mailman/cgi-bin
> 	drwxrwsr-x   2 mail     mailman      4096 Aug 10 19:56 /data/mailman/cgi-bin/
> (3)	17.Is the target program NOT setuid or setgid? 

Which is very annoying because make install and check_perms always reset
these permissions even though they are not necessary and do not work in
my situation - it would be nice if check_perms was a little more


               [ charles hamilton dale <bug at aphid.net> ]

More information about the Mailman-Users mailing list