FAQ
I am trying to create some php forms that use the shell_exec function
to run some of the Mailman command line commands. i.e. I have a script
that lets an admin user enter an email address and then uses the
find_member script to return all lists that email address is in. To do
this I had to set the permissions on the config.pck files to 664 (I am
the only one with shell access to the server).

This works fine except that for some reason the permissions will
sometimes revert back to 660 and then the script won't work. Only one
config.pck file has to have 660 permissions for the script not to work.
When I change that particular file back to 664 - the script works
again. ANy ideas on what would cause the permissions to change back to
660?

I would also like to be able to add members or remove members etc using
this method but I get permissions errors even if I change the
permissions to 666 on all the files in particular list directory. Any
ideas on what I would need to do to be able to do this?

Thanks for any help on this one.

Dave Bevis

  • John Dennis at Dec 9, 2005 at 8:12 pm

    On Fri, 2005-12-09 at 12:46 -0600, Dave B wrote:
    > I am trying to create some php forms that use the shell_exec function
    > to run some of the Mailman command line commands. i.e. I have a script
    > that lets an admin user enter an email address and then uses the
    > find_member script to return all lists that email address is in. To do
    > this I had to set the permissions on the config.pck files to 664 (I am
    > the only one with shell access to the server).
    >
    > This works fine except that for some reason the permissions will
    > sometimes revert back to 660 and then the script won't work. Only one
    > config.pck file has to have 660 permissions for the script not to work.
    > When I change that particular file back to 664 - the script works
    > again. Any ideas on what would cause the permissions to change back to
    > 660?
    >
    > I would also like to be able to add members or remove members etc using
    > this method but I get permissions errors even if I change the
    > permissions to 666 on all the files in particular list directory. Any
    > ideas on what I would need to do to be able to do this?
    >
    > Thanks for any help on this one.

    Essentially you have two choices:

    1) The php script executes as a member of the mailman group

    2) The php script invokes a wrapper just like the CGI does. This is
    preferred for a variety of security reasons. It would not be hard to
    create a new wrapper from the existing wrapper src code.
    --
    John Dennis <jdennis at redhat.com>
  • Christopher X. Candreva at Dec 9, 2005 at 8:20 pm

    On Fri, 9 Dec 2005, John Dennis wrote:
    > 2) The php script invokes a wrapper just like the CGI does. This is
    > preferred for a variety of security reasons. It would not be hard to
    > create a new wrapper from the existing wrapper src code.

    I'm giving serious thought to writing a mailman 'server', sort of like
    an SQL server process. It would let a cgi authenticate, then issue commands.
    Today it could just call the CLI programs, someday -- it could be the actual
    way MailMan does its work, with the other programs calling it.
    Drifting off topic . . . I've done mostly thinking about this because I
    don't know a lick of python, but it seems to me MailMan and the developers
    might benefit from breaking it up into more of a frontend/backend system. A
    'server' process that accepts messages, sends them from the queue, manages
    users, etc. Then the web stuff would be one front end to this. There could
    then be other front ends -- integrating with packages like PostNuke,
    shopping carts, etc.

    The Unix way is small programs that do one job well. :-)

    Am I the only one who thinks this is a good idea? I'm willing to help how I
    can, and have zero interest in starting a fork. :-)

    -Chris

    ==========================================================
    Chris Candreva -- chris at westnet.com -- (914) 967-7816
    WestNet Internet Services of Westchester
    http://www.westnet.com/
  • Mark Sapiro at Dec 10, 2005 at 5:48 am

    Dave B wrote:
    > This works fine except that for some reason the permissions will
    > sometimes revert back to 660 and then the script won't work. Only one
    > config.pck file has to have 660 permissions for the script not to work.
    > When I change that particular file back to 664 - the script works
    > again. Any ideas on what would cause the permissions to change back to
    > 660?

    The mail list Save() method effectively moves the current config.pck to
    config.pck.last and saves a new one (it's more complicated than this
    for safety, but this is the effect). Thus, every time any list
    attribute is changed and saved (i.e. whenever a post is processed or
    the admin or admindb interfaces are changed or a member changes
    options, etc., etc.), a new config.pck is created with 'standard'
    permissions.

    --
    Mark Sapiro <msapiro at value.net> The highway is for gamblers,
    San Francisco Bay Area, California better use your sense - B. Dylan
  • Dave B at Dec 10, 2005 at 5:22 pm
    Does it use the umask setting? If so, it should be setting permissions
    to 644 (umask is 022) instead of the 660 that it sets. Is there a way
    to change what it uses as standard permissions?

    Thanks - Dave

  • Mark Sapiro at Dec 10, 2005 at 6:38 pm
    ----- Original Message ---------------

    Dave B wrote:
    > Does it use the umask setting? If so, it should be setting permissions
    > to 644 (umask is 022) instead of the 660 that it sets.

    It uses umask, but it sets it to 007 before creating the new file and
    restores it afterward, because it specifically doesn't want the file
    readable by 'other' as it contains plain text passwords. BTW, 644
    isn't good. It should be 664 (umask = 002) to do what you want as
    files should be group writable, but it isn't critical in the case of
    config.pck because it's always a new file that's written - the old one
    is only read.

    > Is there a way
    > to change what it uses as standard permissions?

    Only by changing the code in MailList.py.

    --
    Mark Sapiro <msapiro at value.net> The highway is for gamblers,
    San Francisco Bay Area, California better use your sense - B. Dylan
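
The save-and-rotate behaviour Mark describes, as an added example that is not Mailman's own code: a fresh file is created under a temporary umask of 007, the previous file becomes `<path>.last`, and a manual chmod to 664 is lost on the next save. The path is a constructed sample.

```c
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Mimic what the post says Mailman's Save() does: write a fresh file under
   umask 007, rotate the old file to <path>.last and rename the new one into
   place. Returns the resulting permission bits, or -1 on error. */
int save_like_mailman(const char *path, const char *data) {
    char tmp[4096], last[4096];
    struct stat st;
    snprintf(tmp, sizeof tmp, "%s.tmp", path);
    snprintf(last, sizeof last, "%s.last", path);
    mode_t saved = umask(007);                 /* 0666 & ~007 == 0660: no 'other' bits */
    int fd = open(tmp, O_WRONLY | O_CREAT | O_TRUNC, 0666);
    umask(saved);                              /* restore the caller's umask */
    if (fd < 0) return -1;
    if (write(fd, data, strlen(data)) < 0) { close(fd); return -1; }
    close(fd);
    rename(path, last);                        /* no old file on the first save; ignore */
    if (rename(tmp, path) != 0 || stat(path, &st) != 0) return -1;
    return (int)(st.st_mode & 0777);
}

/* Reproduce Dave's observation: loosen the file to 664 by hand, then let a
   save happen; the rewritten file comes back as 660. Returns final mode bits. */
int mode_after_save(const char *path) {
    if (save_like_mailman(path, "first") < 0) return -1;
    if (chmod(path, 0664) != 0) return -1;     /* the manual chmod 664 */
    return save_like_mailman(path, "second");  /* any list change triggers this */
}

int main(void) {
    const char *path = "/tmp/demo_config.pck";  /* constructed sample path */
    printf("mode after save: %o\n", mode_after_save(path));
    return 0;
}
```
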
  • Dave B at Dec 12, 2005 at 3:50 pm
    I am guessing that this is a bad idea but I want to ask anyway. PHP
    runs as the Apache user which is www. I have added www to the mailman
    group and this works. I have since removed it but wanted to see whether
    that created too much of a security risk?

    Thanks - Dave

  • Mark Sapiro at Dec 12, 2005 at 6:02 pm

    Dave B wrote:
    > I am guessing that this is a bad idea but I want to ask anyway. PHP
    > runs as the Apache user which is www. I have added www to the mailman
    > group and this works. I have since removed it but wanted to see whether
    > that created too much of a security risk?

    It allows apache to access Mailman files without going through the
    Mailman cgi-bin wrappers. Of course, by making permissions = 664 on
    config.pck, you allow even greater access to those files.

    The problem is that if someone can craft a URL or XSS attack or ? to
    retrieve a config.pck file directly, they can get the membership list
    and the plain text member passwords. Also, they can do something
    similar to get private archive files.

    A perhaps better way to do this since you said in the OP that you are
    the only one with shell access to the server, is to make the bin/
    scripts you want to use group mailman and SETGID. Then they should
    work no matter how they are run.

    The best way is to do as John Dennis suggested and create a SETGID
    wrapper to be executed by your PHP scripts. The wrapper would check to
    ensure it was properly invoked before calling the appropriate bin/*
    script.

    --
    Mark Sapiro <msapiro at value.net> The highway is for gamblers,
    San Francisco Bay Area, California better use your sense - B. Dylan
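
A minimal SETGID wrapper of the kind John and Mark suggest, as an added example rather than code from Mailman or from anyone in the thread: it verifies the real gid of the caller, allow-lists the bin/ scripts it will run, rejects option-like or metacharacter-laden arguments and executes the script with a clean environment. The install path, the web server's gid and the single-argument calling form are assumptions; real add_members/remove_members take more arguments than shown here.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define MAILMAN_BIN "/usr/lib/mailman/bin/"  /* assumed install prefix */
#define WEB_GID 33                          /* assumed gid of the web server's group */
#define MAX_ARG 254

/* Only these bin/ scripts may be reached through the wrapper (assumed list). */
static const char *allowed[] = { "find_member", "add_members", "remove_members", NULL };

int command_allowed(const char *cmd) {
    for (int i = 0; allowed[i]; i++)
        if (strcmp(cmd, allowed[i]) == 0) return 1;
    return 0;
}

/* Accept only address-like characters and refuse a leading '-', so the web
   user can pass neither extra options nor shell metacharacters downstream. */
int safe_arg(const char *s) {
    size_t n = strlen(s);
    if (n == 0 || n > MAX_ARG || s[0] == '-') return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)s[i];
        if (!isalnum(c) && strchr("@._+-", c) == NULL) return 0;
    }
    return 1;
}

/* The setgid bit changes only the effective gid; the real gid still names the
   caller, so insist that it is the web server's group (Mailman's own CGI
   wrapper makes the same kind of check). */
int caller_ok(gid_t real_gid) { return real_gid == WEB_GID; }

int main(int argc, char **argv) {
    if (argc != 3 || !caller_ok(getgid()) ||
        !command_allowed(argv[1]) || !safe_arg(argv[2])) {
        fprintf(stderr, "wrapper: refused\n");
        return 2;
    }
    char path[512];
    snprintf(path, sizeof path, MAILMAN_BIN "%s", argv[1]);
    char *clean_env[] = { "PATH=/usr/bin:/bin", NULL };   /* drop the caller's environment */
    execve(path, (char *[]){ path, argv[2], NULL }, clean_env);
    perror("wrapper: execve");
    return 1;
}
```

Install the compiled binary as `chgrp mailman wrapper; chmod 2755 wrapper` so it runs with the mailman group while config.pck keeps its 660 mode, and have PHP call it instead of the bin/ scripts directly.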

Discussion Overview
group: mailman-users
categories: python
posted: Dec 9, '05 at 6:46p
active: Dec 12, '05 at 6:02p
posts: 8
users: 4
website: list.org