[Mailman-Users] Should mailman/cgi-bin/* really be executable by 'other'?

ostrowb at tblc.org ostrowb at tblc.org
Wed Jun 14 22:04:53 CEST 2000

I've just discovered that /home/mailman/cgi-bin/* are sgid mailman and 
world-executable (-rwxr-sr-x, to be specific) on a box I administer.  I'm a 
novice at security, but this sounds like a Bad Thing to me, if only on 
general principle.  Would you chmod o-rx these files if you were me?

I've checked the archives and found only a brief discussion of sgid as 
relates to mailman, so I'm reasonably sure this hasn't been discussed 
already.  Apologies in advance if it has, and thanks for reading this far!


Ben Ostrowsky, Automation Services Technologist
Tampa Bay Library Consortium - http://www.tblc.org/

More information about the Mailman-Users mailing list