[Mailman-Users] OpenBSD Trusted Path Execution (TPE) compatibility?
Joshua Jore
moomonk at daisy-chan.org
Tue Jul 10 00:30:59 CEST 2001
No, but it would require than /home/mailman be owned by root. I've since
removed the patch since it was too much trouble for too little benefit.
Perhaps if I weren't doing CGI and mailman it'd be worthwhile. As it stand
all the places I'd like to shore up security require trusting due to the
way they usually work.
Oh well.
Thanks for the suggestions,
Josh
On Mon, 9 Jul 2001, Barry A. Warsaw wrote:
>
> >>>>> "JJ" == Joshua Jore <moomonk at daisy-chan.org> writes:
>
> JJ> I can see an immediate problem where mailman owns it's own
> JJ> directories and binaries. Does mailman fail any other the
> JJ> other tests? (It's always possible to designate mailman as a
> JJ> trusted user so it doesn't have these restrictions but I'd
> JJ> rather not if I don't have to)
>
> Mailman's security is based on group ownership of files. That's why
> it builds setgid binaries to wrap around the mail and cgi interfaces.
> Does the TPE mess with group ownerships?
>
> -Barry
>
More information about the Mailman-Users
mailing list