Re: [Mailman-Users] Permission of data/bounce-events-?????.pck

Wed, 01 Feb 2006 11:01:28 -0800 

On Tue, 31 Jan 2006 14:17:42 -0800
Mark Sapiro <[EMAIL PROTECTED]> wrote:
> imacat wrote:
> >    I was checking my system for world-writable files, and found lots of
> >data/bounce-events-?????.pck that are world-writable:
> >[EMAIL PROTECTED] ~ % ls -lt /var/lib/mailman/data | grep 'rw. '
> >-rw-rw-rw-  1 list list       0 2006-01-31 01:26 bounce-events-02258.pck
> >-rw-rw-rw-  1 list list    4786 2005-12-26 17:36 bounce-events-26086.pck
> >=2E..
> >[EMAIL PROTECTED] ~ %d
> But to answer your question, what's the default umask on your system? I
> think that's what controls this.

    Frankly, I got a different test result.

    I put a line "touch /var/tmp/mailman.umask.test" to
/etc/init.d/mailman (which is copied from scripts/mailman) and reboot my
system.  Here is what I got:

[EMAIL PROTECTED] ~ % ls -l /var/tmp/mailman.umask.test
-rw-r--r--  1 root root 0 2006-02-02 02:41 /var/tmp/mailman.umask.test
[EMAIL PROTECTED] ~ % ls -l /var/lib/mailman/data/bounce-events-*.pck
-rw-rw-rw-  1 list list 0 2006-02-02 02:41 
/var/lib/mailman/data/bounce-events-02211.pck
[EMAIL PROTECTED] ~ %

    Appreantly the umask when running /etc/init.d/mailman is 0022 but
mailman still create data/bounce-events-?????.pck as 0666.  Or the
python (mailmanctl) uses a different "system default umask", other than
its parent process /etc/init.d/mailman?

    I noted that in the source of mailman 2.1.7 there are 2 lines in
bin/mailmanctl:

line 421-422
        # Clear our file mode creation umask
        os.umask(0)

    Is this intended?  Is it the reason why data/bounce-events-?????.pck
are world-writable?

--
Best regards,
imacat ^_*' <[EMAIL PROTECTED]>
PGP Key: http://www.imacat.idv.tw/me/pgpkey.txt

<<Woman's Voice>> News: http://www.wov.idv.tw/
Tavern IMACAT's: http://www.imacat.idv.tw/
TLUG List Manager: http://lists.linux.org.tw/cgi-bin/mailman/listinfo/tlug

Attachment: pgpH7HD110KBM.pgp
Description: PGP signature

------------------------------------------------------
Mailman-Users mailing list
Mailman-Users@python.org
http://mail.python.org/mailman/listinfo/mailman-users
Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py
Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/
Unsubscribe: 
http://mail.python.org/mailman/options/mailman-users/archive%40jab.org

Security Policy: 
http://www.python.org/cgi-bin/faqw-mm.py?req=show&amp;file=faq01.027.htp

Reply via email to