FAQ
Does one really need root privileges to install mailman?

Surely I could install mailman on my web shared hosting plan
without root. (As the version of mailman Dreamhost provides gives the
administrator only access to the web interface, and not the shell
scripts -- drives one nuts trying to debug.)

I'll just use --with-username=$USER --with-groupname=`id -g` ...
--with-cgi-ext=.cgi etc. and then use my .procmailrc to redirect what
comes to the extra mailboxes my hosting plan allows me to make...

And for sending mail I can use /usr/sbin/sendmail -i -f ...

Is the above neglecting a fundamental principle?

http://sourceforge.net/tracker/index.php?funcÞtail&aid67285&group_id3&atid0103

Search Discussions

  • Brad Knowles at Jan 17, 2008 at 11:52 pm

    On 1/18/08, jidanni at jidanni.org wrote:

    Does one really need root privileges to install mailman?
    Yup.

    --
    Brad Knowles <brad at shub-internet.org>
    LinkedIn Profile: <http://tinyurl.com/y8kpxu>
  • Jidanni at Jan 18, 2008 at 12:41 am
    Does one really need root privileges to install mailman?
    BK> Yup.

    I see. See ya. Bye.

    SJT> You could probably make it "work" more or less, but to make things
    SJT> secure you do need root privileges.
    Is the above neglecting a fundamental principle?
    SJT> Yes. Security. If your host allows you to do such things, I strongly
    SJT> suggest you find one who won't. ;-)

    My mom just spent $400 for me for 5 years at Dreamhost. What's the
    worst that could happen? All the files on my account getting deleted?
    No problem, I'll just put mailman on a different one of my unlimited
    shell users. Now of course clogging the mail system for others would
    not be acceptable.

    Anyway it seems mailman is complicated enough to just use the web half
    that Dreamhost allows, as ask their support staff to fix things I
    can't reach.

    Imagine me not being to stop bad bots via .htaccess.
    Imagine all mail going straight to the moderator queue with no
    .procmail etc. filtering. That is what I'm worried about with only web
    access.

    BK> This is an open source project, maintained entirely by volunteers
    Never mind, I'll try the competition.
    $ w3m -dump http://www.sympa.org/|grep Sorry
    Sorry, you don't have enough rights to continue. Perhaps you forgot to login?

    OK, looks I'm stuck with you guys.
    BK> You're welcome to join the translation team, if you like.
    My expertise is in just reporting lots of minor bugs.
  • Brandon Sussman at Jan 18, 2008 at 1:30 am

    jidanni at jidanni.org wrote:
    My mom just spent $400 for me for 5 years at Dreamhost. What's the
    Since DreamHost already has implemented Mailman for you, why don't you
    concentrate on setting up your mail lists properly and securely?
  • Stephen J. Turnbull at Jan 18, 2008 at 2:14 am
    jidanni at jidanni.org writes:
    Is the above neglecting a fundamental principle?
    >
    SJT> Yes. Security. If your host allows you to do such things, I strongly
    SJT> suggest you find one who won't. ;-) >
    My mom just spent $400 for me for 5 years at Dreamhost. What's the
    worst that could happen? All the files on my account getting deleted?
    No problem,
    You need to learn that what *you* don't know can hurt the rest of us.
    Specifically, if the files on your account can be deleted, they can be
    replaced. Eg, with a set of spam filters that open the floodgates to
    a spammer, along with a brand new set of 1 million subscribers you
    never heard of.
    I'll just put mailman on a different one of my unlimited shell
    users.
    No, you'll lose all your unlimited shell users, and be banned for life
    from that system. Nor will your mother get her $400 back, since you
    violated the AUP.
    Imagine me not being to stop bad bots via .htaccess.
    Imagine all mail going straight to the moderator queue with no
    .procmail etc. filtering. That is what I'm worried about with only web
    access.
    You get what you pay for. Hardware and bandwidth, unfortunately,
    cannot be provided in infinite amounts at negligible cost the way that
    software can.
  • Brad Knowles at Jan 18, 2008 at 3:57 pm

    On 1/18/08, jidanni at jidanni.org wrote:

    I see. See ya. Bye.
    Mailman is one of the most powerful and flexible mailing list
    management systems in the world, but it is not the right answer for
    everyone. If you're not a suitable candidate for using Mailman, then
    I'm sorry we can't help you, but we can't just wave a magic wand and
    make everything perfect for you instantly.
    My mom just spent $400 for me for 5 years at Dreamhost. What's the
    worst that could happen? All the files on my account getting deleted?
    Mailman just wasn't designed to be installed that way. If you need a
    tool that can be installed that way, you need to look elsewhere.
    Imagine me not being to stop bad bots via .htaccess.
    Imagine all mail going straight to the moderator queue with no
    .procmail etc. filtering. That is what I'm worried about with only web
    access.
    I have full privileged command-line access to the python.org servers,
    because I am the currently active member of the Python.org Postmaster
    Team, as well as the Mailmn Site Administrator and co-moderator of
    the various mailman-* mailing lists.

    Frankly, I do almost all of my Mailman administration via the web.
    Typically, the only times I ever need to log onto the server and
    access things via the command line is when there is a problem with a
    particular user not being able to send e-mail to us and I need to go
    do some deep searching of the MTA logs on the server and
    compare/contrast those with the Mailman logs.
    BK> You're welcome to join the translation team, if you like.

    My expertise is in just reporting lots of minor bugs.
    Apparently, you can also read at least one other language as well as
    English, so if you want to complain about the support that Mailman
    provides for other languages it would be pretty hypocritical of you
    to avoid contributing your skills and knowledge towards increasing
    the quality of the translations.

    We've got version 2.1.10 waiting in the wings, currently in the
    process of having the translations updated for other languages. This
    is an ideal opportunity for you to help yourself as well as to help
    others.


    Or, you could just keep complaining.

    --
    Brad Knowles <brad at shub-internet.org>
    LinkedIn Profile: <http://tinyurl.com/y8kpxu>
  • Jidanni at Jan 19, 2008 at 2:10 am
    Dudes, out of curiosity why can't mailman be totally installed and run
    without involving root? Indeed maybe it would be a safer and more
    portable installation.

    E.g., who cares what MTA is installed when one can just use:

    #Untested partial .procmailrc for a mailman list on a catchall mailbox
    #for a domain. No need to have root adjust some MTA's configuration!
    0:
    LIST=nurds
    *$^TO_ $LIST-\/(admin|bounces|confirm|join|leave|owner|request|subscribe|unsubscribe)
    mail/mailman $MATCH $LIST
    0:
    *$^TO_ $LIST
    mail/mailman post $LIST
    And the mailman directory tree we just tailor in ./configure to match
    the site's apache setup. No meddling with apache config files.

    And sending mail we just send to port 25 or /usr/lib/sendmail.

    I mean one can install e.g., MediaWiki with all the bells and whistles
    without root.

    Does mailman run setuid root? No. SetGID seems no big hurdle on most
    unix accounts. CGI is a feature of most hosting accounts. Mailbox
    forwarding and aliases are features of most hosting accounts.

    There, see, I have rewritten your thinking: indeed a totally
    non-root-involved installation keeps one insulated from (and meddling
    with) the underlying details. Yes, rewritten your thinking, all
    without testing. Hope it really works. "What could go wrong?"
  • Brad Knowles at Jan 19, 2008 at 2:37 am

    On 1/19/08, jidanni at jidanni.org wrote:

    Dudes, out of curiosity why can't mailman be totally installed and run
    without involving root? Indeed maybe it would be a safer and more
    portable installation.
    Feel free to give it a try and report back to us.
    E.g., who cares what MTA is installed when one can just use:

    #Untested partial .procmailrc for a mailman list on a catchall mailbox
    #for a domain. No need to have root adjust some MTA's configuration!
    Okay, so now you've just made Mailman 100% dependant on having
    procmail installed, as opposed to not really caring what MTA may be
    installed, and being able to work with multiple different MTAs.
    There, see, I have rewritten your thinking: indeed a totally
    non-root-involved installation keeps one insulated from (and meddling
    with) the underlying details. Yes, rewritten your thinking, all
    without testing. Hope it really works. "What could go wrong?"
    No, you haven't totally rewritten anything, except maybe your own
    memory of how you magically improve anything you touch.

    --
    Brad Knowles <brad at shub-internet.org>
    LinkedIn Profile: <http://tinyurl.com/y8kpxu>
  • Stephen J. Turnbull at Jan 18, 2008 at 12:08 am
    jidanni at jidanni.org writes:
    Does one really need root privileges to install mailman?
    You could probably make it "work" more or less, but to make things
    secure you do need root privileges.
    Is the above neglecting a fundamental principle?
    Yes. Security. If your host allows you to do such things, I strongly
    suggest you find one who won't. ;-)
  • JB at Jan 18, 2008 at 1:47 am
    Along the lines of this (Org. mail already dele'd & I forget who asked):

    <quote>
    jidanni at jidanni.org writes:
    Does one really need root privileges to install mailman?
    </quote>

    Would it be the problems of one doing a full install in a seperate folder on a shared host site?? Space not a problem for myself and I would surmise the orginal questioner.

    Just asking 'cause I realy do feel my expertise is far enough advanced -:).

    Tnx.

    Ed

Related Discussions

Discussion Navigation
viewthread | post
Discussion Overview
groupmailman-users @
categoriespython
postedJan 17, '08 at 9:12p
activeJan 19, '08 at 2:37a
posts10
users5
websitelist.org

People

Translate

site design / logo © 2022 Grokbase