Mark Sapiro ha scritto: > Manlio Perillo wrote: >> But if the files are not group writeable, how can the CGI script modify >> them? > > > Yes, they need to be group writable, but they shouldn't need to be > world writable. >
Ok. I just notice that there exist a bug report: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=235112 On Woody the alias file gets updates, the problem is with virtual-mailman! I have submitted a new bug report. > The question is what should the FAQ say (moot at the moment, because > the FAQ apparently can't be updated, but I trust that will be fixed)? > > I don't understand the need for the 'adduser' you mentioned in your > first post. In Debian Sarge Apache2 runs under www-data user and group privileges (and so the CGI cgi-bin/create). This means that, in order for the script to modify the alias* files, www-data should be in the list group. Or, as written in the FAQ, these files have to be world writeable. > Perhaps you can clarify what the permissions, etc. are in > the Debian package as shipped, and what is required so we can get the > FAQ right. Is it sufficient to > > chmod 0660 data/aliases.db > chmod 0660 data/virtual-mailman.db > Yes. > and if so, why would Steinmetz <[EMAIL PROTECTED]> say > > On Debian Sarge mailman:mailman does not exist > The only way I found was to chmod 0666 data/aliases* > The FAQ say: chmod 0666 data/aliases* (as mailman:mailman does not exist - permissions are for root:list) Indeed permissions are root:list. But I don't understand why to allow them to be world writeable. P.S. I'm not a Unix expert! Regards Manlio Perillo ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
