Tom Browder writes: > The installation instructions are a little confusing, but I take away > from them the best (almost default) choice for owner:group for the > "/usr/local/mailman" ($prefix) directory is 'mailman'.
It doesn't matter what the name is. You may wish to use a predefined name provided by the OS distribution (for example, Debian uses "list", not "mailman"). AFAIK there is no particular need to have the owner of Mailman code or data be the mailman user. For example, on Debian systems root is the owner of all the executables mentioned below, as well as most of the data directories. The important thing about the mailman user is that it is a member of the mailman group (typically the only member of that group). It is important that the cgi-bin executables be setgid and have the mailman group, that scripts/mailman have the mailman group, and that the Mailman writable data (archives, data, lists, messages, qfiles, spam) have the mailman group. It also does matter that the user and group have privileges only in Mailman file hierarchies, that there be no other members of the group (except possibly an admin's account, but I consider that an unnecessary risk) and that the name be used appropriately in any application that setuids or setgids to manipulate Mailman data (ISTR there may be some MTA that does). Bottom line: If I were you, I'd make sure that the mailman group and user are set up properly, and then do "chown root:mailman /usr/local/mailman" (root because I suppose Debian has a reason for doing that ;-). ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org