[Mailman-Users] security implications for adding apache to mailmangroup

Mark Sapiro mark at msapiro.net
Tue Sep 28 19:16:21 CEST 2010


Syn, Joonho wrote:

>I'm writing a mailman dashboard page for my company using cgi/perl but in order to get the necessary info I'll need to give apache read access to all the current .pck files as well as any made in the future.  What are the security implications of adding apache to the mailman group or just using sudo in my script?


If you add apache to the mailman group, you give the web server
permission to read and write any Mailman files. Thus, an invertent
apache config error or an apache security issue could give the world
this access via your web server.

Mailman itself avoids this by invoking its CGI scripts via compiled
SETGID wrappers which set the effective GID to Mailman's group and
check to be sure the real GID is that of the web server. Thus the
wrapper can only be executed by the web server and the web server can
only access Mailman via the specific CGIs.

You could create such a wrapper to give access to your script in the
same way or as you suggest, use sudo in your script to gain access.
Either would be preferable to adding apache to the mailman group. I
would avoid sudo unless it could be done in a way that doesn't allow
other scripts that might be beyond your control to also use sudo.

-- 
Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan



More information about the Mailman-Users mailing list