3.0] (no title)

noreply Thu, 28 Jun 2007 10:27:13 -0700

------------------------------------------------------------
revno: 6515
committer: Mark Sapiro <[EMAIL PROTECTED]>
branch nick: 3.0
timestamp: Thu 2007-06-28 10:23:27 -0700
message:
  check_perms checked archives/private/ and archives/private/<list>/database/
  directories to make sure they didn't have certain 'other' permissions, but it
  didn't check these directories for the necessary user and group permissions.
  This is now fixed.
modified:
  Mailman/bin/check_perms.py


=== modified file 'Mailman/bin/check_perms.py'
--- a/Mailman/bin/check_perms.py        2007-01-19 04:38:06 +0000
+++ b/Mailman/bin/check_perms.py        2007-06-28 17:23:27 +0000
@@ -47,6 +47,7 @@
 PYFILEPERMS         = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH
 ARTICLEFILEPERMS    = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP
 MBOXPERMS           = S_IRGRP | S_IWGRP | S_IRUSR | S_IWUSR
+PRIVATEPERMS        = QFILEPERMS
 
 
 
@@ -100,20 +101,25 @@
                 os.chown(path, -1, MAILMAN_GID)
             else:
                 print
-        # All directories must be at least rwxrwsr-x.  Don't check the private
-        # archive directory or database directory themselves since these are
-        # checked in checkarchives() and checkarchivedbs() below.
+        # Most directories must be at least rwxrwsr-x.
+        # The private archive directory  and database directory must be at
+        # least rwxrws---.  Their 'other' permissions are checked in
+        # checkarchives() and checkarchivedbs() below.  Their 'user' and
+        # 'group' permissions are checked here.
+        # The directories under qfiles should be rwxrws---.  Their 'user' and
+        # 'group' permissions are checked here.  Their 'other' permissions
+        # aren't checked.
         private = config.PRIVATE_ARCHIVE_FILE_DIR
-        if path == private or (os.path.commonprefix((path, private)) == private
-                               and os.path.split(path)[1] == 'database'):
-            continue
-        # The directories under qfiles should have a more limited permission
-        if os.path.commonprefix((path, config.QUEUE_DIR)) == config.QUEUE_DIR:
+        if path == private or \
+                  (os.path.commonprefix((path, private)) == private
+                   and os.path.split(path)[1] == 'database'):
+            targetperms = PRIVATEPERMS
+        elif os.path.commonprefix((path, config.QUEUE_DIR)) \
+              == config.QUEUE_DIR:
             targetperms = QFILEPERMS
-            octperms = oct(targetperms)
         else:
             targetperms = DIRPERMS
-            octperms = oct(targetperms)
+        octperms = oct(targetperms)
         if S_ISDIR(mode) and (mode & targetperms) <> targetperms:
             arg.ERRORS += 1
             print _('directory permissions must be $octperms: $path'),



--
(no title)
https://code.launchpad.net/~mailman-coders/mailman/3.0

You are receiving this branch notification because you are subscribed to it.
To unsubscribe from this branch go to 
https://code.launchpad.net/~mailman-coders/mailman/3.0/+subscription/mailman-checkins.
_______________________________________________
Mailman-checkins mailing list
[email protected]
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org

[Mailman-checkins] [Branch ~mailman-coders/mailman/3.0] (no title)

Reply via email to