[Mailman-Developers] [Fwd: [ mailman-Bugs-1188133 ] CGI group id not properly tested]

Sat, 23 Apr 2005 00:01:57 -0700 

Hi Developers,

There is a rumor that mailman security check is not proper and recommending patch to void our security check. Can someone write
a refutation to this article? (In a fluent English of course ;-)

-------- Original Message --------
Subject: [ mailman-Bugs-1188133 ] CGI group id not properly tested
Date: Fri, 22 Apr 2005 07:58:37 -0700
From: SourceForge.net <[EMAIL PROTECTED]>
Reply-To: mailman-developers@python.org
To: [EMAIL PROTECTED]

Bugs item #1188133, was opened at 2005-04-22 15:58
Message generated for change (Tracker Item Submitted) made by Item Submitter
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=1188133&group_id=103

Category: Web/CGI
Group: 2.1 (stable)
Status: Open
Resolution: None
Priority: 5
Submitted By: Graham Klyne (grahamk)
Assigned to: Nobody/Anonymous (nobody)
Summary: CGI group id not properly tested

Initial Comment:
[I tried to send this to mailman-developers, but my
message was discarded]

I've just downloaded and installed the latest mailman
2.1.6rc1 and encountered a CGI permissions problem
(running with Apache 2.0 on Scientific Linux 3.04), for
which a patch is described in:
  http://minaret.biz/tips/mailman.html

(briefly, replace getgid with getegid in common.c)

Applying this patch resolves the problem I was
experiencing.

Is there any reason this isn't applied in the mailman
distribution?

#g


----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=100103&aid=1188133&group_id=103
_______________________________________________
Mailman-coders mailing list
Mailman-coders@python.org
http://mail.python.org/mailman/listinfo/mailman-coders





--
Tokio Kikuchi, tkikuchi@ is.kochi-u.ac.jp
http://weather.is.kochi-u.ac.jp/

_______________________________________________
Mailman-Developers mailing list
Mailman-Developers@python.org
http://mail.python.org/mailman/listinfo/mailman-developers
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-developers/archive%40jab.org

Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&amp;file=faq01.027.htp

Reply via email to