------------------------------------------------------------
revno: 982
committer: Mark Sapiro <[EMAIL PROTECTED]>
branch nick: 2.1
timestamp: Thu 2007-06-28 10:26:13 -0700
message:
check_perms checked archives/private/ and archives/private/<list>/database/
directories to make sure they didn't have certain 'other' permissions, but it
didn't check these directories for the necessary user and group permissions.
This is now fixed.
modified:
bin/check_perms
=== modified file 'bin/check_perms'
--- a/bin/check_perms 2005-08-27 01:40:17 +0000
+++ b/bin/check_perms 2007-06-28 17:26:13 +0000
@@ -1,6 +1,6 @@
#! @PYTHON@
#
-# Copyright (C) 1998-2005 by the Free Software Foundation, Inc.
+# Copyright (C) 1998-2007 by the Free Software Foundation, Inc.
#
# This program is free software; you can redistribute it and/or
# modify it under the terms of the GNU General Public License
@@ -14,7 +14,8 @@
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
-# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
USA.
+# Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301,
+# USA.
"""Check the permissions for the Mailman installation.
@@ -73,6 +74,7 @@
QFILEPERMS = S_ISGID | S_IRWXU | S_IRWXG
PYFILEPERMS = S_IRUSR | S_IWUSR | S_IRGRP | S_IROTH
ARTICLEFILEPERMS = S_IRUSR | S_IWUSR | S_IRGRP | S_IWGRP
+PRIVATEPERMS = QFILEPERMS
�
@@ -124,20 +126,25 @@
os.chown(path, -1, MAILMAN_GID)
else:
print
- # all directories must be at least rwxrwsr-x. Don't check the private
- # archive directory or database directory themselves since these are
- # checked in checkarchives() and checkarchivedbs() below.
+ # Most directories must be at least rwxrwsr-x.
+ # The private archive directory and database directory must be at
+ # least rwxrws---. Their 'other' permissions are checked in
+ # checkarchives() and checkarchivedbs() below. Their 'user' and
+ # 'group' permissions are checked here.
+ # The directories under qfiles should be rwxrws---. Their 'user' and
+ # 'group' permissions are checked here. Their 'other' permissions
+ # aren't checked.
private = mm_cfg.PRIVATE_ARCHIVE_FILE_DIR
- if path == private or (os.path.commonprefix((path, private)) == private
- and os.path.split(path)[1] == 'database'):
- continue
- # The directories under qfiles should have a more limited permission
- if os.path.commonprefix((path, mm_cfg.QUEUE_DIR)) == mm_cfg.QUEUE_DIR:
+ if path == private or \
+ (os.path.commonprefix((path, private)) == private
+ and os.path.split(path)[1] == 'database'):
+ targetperms = PRIVATEPERMS
+ elif os.path.commonprefix((path, mm_cfg.QUEUE_DIR)) \
+ == mm_cfg.QUEUE_DIR:
targetperms = QFILEPERMS
- octperms = oct(targetperms)
else:
targetperms = DIRPERMS
- octperms = oct(targetperms)
+ octperms = oct(targetperms)
if S_ISDIR(mode) and (mode & targetperms) <> targetperms:
arg.ERRORS += 1
print _('directory permissions must be %(octperms)s: %(path)s'),
--
(no title)
https://code.launchpad.net/~mailman-coders/mailman/2.1
You are receiving this branch notification because you are subscribed to it.
To unsubscribe from this branch go to
https://code.launchpad.net/~mailman-coders/mailman/2.1/+subscription/mailman-checkins.
_______________________________________________
Mailman-checkins mailing list
[email protected]
Unsubscribe:
http://mail.python.org/mailman/options/mailman-checkins/archive%40jab.org
