[Mailman-Users] mailman on freeBSD 8.2: getgrgid error
Mailman Admin
mailman-admin at uni-konstanz.de
Wed Aug 3 10:22:23 CEST 2011
Hello Rekhesh Mohan
On 08/03/2011 08:23 AM, Rekhesh Mohan wrote:
>
> I can now confirm that issue is with system/OS security and not with
> mailman. getgrgid()->gr_name returns meaningful value only if a member
> of "wheel" group calls it. I added my apache-user "www" to wheel group
> (his primary group is still www) and mailman is happy - web interface is
> working. I am not sure about the security implications of apache user
> being a member of wheel group.
>
The wheel group is the group for all admins not named root!
You never should give the apache user admin privileges.
If someone breaks into your apache she can overtake your whole machine
at once.
I don't know freeBSD. Does it use something like SELinux?
Kind regards,
Christian Mack
More information about the Mailman-Users
mailing list