Re: [Mailman-Users] mailman on freeBSD 8.2: getgrgid error
On Wednesday, August 03, 2011 02:06:50 AM Mark Sapiro wrote: Rekhesh Mohan wrote: Now here is something that spoiled my sleep: I wrote a small test program to call getgrgid(), and it prints getgrgid()-gr_name = www. When I added a print statement inside common.c, I get getgrgid()-gr_name = null (it goes to http error log, since http headers are not defined at this stage of the code). What are the permissions on /etc/group? Is it world readable? Yes. They are world readable. By the way, I'm making some progress here :) I can now confirm that issue is with system/OS security and not with mailman. getgrgid()-gr_name returns meaningful value only if a member of wheel group calls it. I added my apache-user www to wheel group (his primary group is still www) and mailman is happy - web interface is working. I am not sure about the security implications of apache user being a member of wheel group. Need to check if this is the default behaviour of freeBSD 8.2. I am searching for a machine where I can try a fresh and clean install of freeBSD + mailman. Please let me know If anyone here has a mailman working on freeBSD 8.2 --R -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] mailman on freeBSD 8.2: getgrgid error
Hello Rekhesh Mohan On 08/03/2011 08:23 AM, Rekhesh Mohan wrote: I can now confirm that issue is with system/OS security and not with mailman. getgrgid()-gr_name returns meaningful value only if a member of wheel group calls it. I added my apache-user www to wheel group (his primary group is still www) and mailman is happy - web interface is working. I am not sure about the security implications of apache user being a member of wheel group. The wheel group is the group for all admins not named root! You never should give the apache user admin privileges. If someone breaks into your apache she can overtake your whole machine at once. I don't know freeBSD. Does it use something like SELinux? Kind regards, Christian Mack -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] mailman on freeBSD 8.2: getgrgid error
On Wednesday, August 03, 2011 01:52:23 PM Mailman Admin wrote: Hello Rekhesh Mohan On 08/03/2011 08:23 AM, Rekhesh Mohan wrote: I can now confirm that issue is with system/OS security and not with mailman. getgrgid()-gr_name returns meaningful value only if a member of wheel group calls it. I added my apache-user www to wheel group (his primary group is still www) and mailman is happy - web interface is working. I am not sure about the security implications of apache user being a member of wheel group. The wheel group is the group for all admins not named root! You never should give the apache user admin privileges. If someone breaks into your apache she can overtake your whole machine at once. I don't know freeBSD. Does it use something like SELinux? Hi Christian, Sure :) I have already pulled out the www from wheel. That was one of the many things I have been trying out to understand the issue. I am new to freeBSD - There is nothing like selinux.. but it has some kernel security level setting, which is disabled on my system. Thanks! --R -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
[Mailman-Users] Question about moderation
-BEGIN PGP SIGNED MESSAGE- Hash: SHA1 Hi everyone, It is possible and how, in a list with multiple moderators to check which of the moderators moderated message? Best Regards - -- .. Eduardo Costa .. -BEGIN PGP SIGNATURE- Version: GnuPG/MacGPG2 v2.0.14 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iQEcBAEBAgAGBQJOOH/zAAoJEM0PA7cQuGW6SQUIAKHzPTFhdVQK/os3VH1nm9lJ /i0u8h0p+0/fivJDbnp1duAtTEwWmKV0ACchQ7/E8p2pbO02OR/gO/F/q0V7UGW7 jbd3j4Wiu3fO4DnzyJNh6bpjP02s0gxfkTbabCjEYBfUm4z5PgTkm93U188OmZPI 17sqYdEpKtHeEKSzOPObpaQoRGJH9w24XWI4WYiN6aRNh8ncRfmhWGnQ03Eb+36N hXGodrljNiVcsaxxVoetcxp3UK27IWlCs2cDiBij37xCTA1GMNk1L+bOMJvbuAik R6zvPHQ6zBOfQGB9JTzd75xdJ/u8QFxEf2FztZJvpz6ol1lLCQKncyp1P4I10x0= =sw+o -END PGP SIGNATURE- -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org
Re: [Mailman-Users] Question about moderation
Eduardo Costa wrote: It is possible and how, in a list with multiple moderators to check which of the moderators moderated message? Not within Mailman, but Mailman's vette log will have a time stamp, and using that you can check your MTA's logs for who sent the approve/discard message if it was sent by email or the web server's logs for the IP address of the POST transaction if the moderation was via the web. -- Mark Sapiro m...@msapiro.netThe highway is for gamblers, San Francisco Bay Area, Californiabetter use your sense - B. Dylan -- Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org