[Mailman-Users] Permissions on Mailman Archive Directory

Mark Sapiro mark at msapiro.net
Thu Feb 17 23:01:08 CET 2011

Barry Finkel wrote:

>I have a question about permissions for the archive directory.
>I am migrating my Mailman server from an Ubuntu Dapper server
>on which I installed my own package, built from the SourceForge
>source, to an Ubuntu Lucid server, where I am installing the
>Ubuntu/Debian package.  The directory in question is
>      /var/lib/mailman/archives/private
>On my production Dapper server, I have
>      drwxrws--x 904 www-data list 24576 2011-02-09 14:17 .

You need either owner=www-data (the web server user) or o+x. You don't
need both, but the only issue is if this server has local users, the
local users can access private archive files with o+x.

>On my test Lucid server I have
>      drwxrws--- 10 root list 4096 2011-02-17 11:19 .
>There are two differences:
>      owner: www-data vs. root
>      group execute privileges
>In the current configuration I cannot get from the web to the list
>archives.  I tried changing the ownership to www-data, and that worked.
>I then reset the owner back to root and added group execute
>privileges, and that also worked.
>What is suggested as the preferred fix?  Thanks.

The web server needs to be able to search the directory. As noted
above, either owner = www-data or o+x allows this. Owner=www-data is
more restrictive than o+x as it does not allow local users (other than
www-data and the 'list' group) to access archive files directly.

If you don't have non-admin local users on the server, then it doesn't
matter which you do. Read the warning box at

Mark Sapiro <mark at msapiro.net>        The highway is for gamblers,
San Francisco Bay Area, California    better use your sense - B. Dylan

More information about the Mailman-Users mailing list