[Mailman-Users] Should mailman/cgi-bin/* really be executable by 'other'?

ostrowb at tblc.org ostrowb at tblc.org
Wed Jun 14 22:04:53 CEST 2000


I've just discovered that /home/mailman/cgi-bin/* are sgid mailman and 
world-executable (-rwxr-sr-x, to be specific) on a box I administer.  I'm a 
novice at security, but this sounds like a Bad Thing to me, if only on 
general principle.  Would you chmod o-rx these files if you were me?

I've checked the archives and found only a brief discussion of sgid as 
relates to mailman, so I'm reasonably sure this hasn't been discussed 
already.  Apologies in advance if it has, and thanks for reading this far!

Ben


--
Ben Ostrowsky, Automation Services Technologist
Tampa Bay Library Consortium - http://www.tblc.org/





More information about the Mailman-Users mailing list