hello, the mailmanctl script doesn't set groups. so when i run mailmanctl as root, i become list:list but still have the groups that root has. that's a grave security bug.
a possible (and working) patch is attached. bye mejo ps: since the bug-reporting system at sourceforge doesn't work atm, i report the bug to the two mailman lists. -- Efficiency and progess is ours one more Now that we have the Neutron bomb It's nice and quick and clean and gets things done Kill kill kill kill kill the poor tonight
287a288 > groups = [gid] + [x[2] for x in grp.getgrall() if mm_cfg.MAILMAN_USER in x[3]] 289a291 > os.setgroups(groups)
pgp00000.pgp
Description: PGP signature
------------------------------------------------------ Mailman-Users mailing list [EMAIL PROTECTED] http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ This message was sent to: [EMAIL PROTECTED] Unsubscribe or change your options at http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
