NetBSD Problem Report #24041
Received: (qmail 28252 invoked by uid 605); 10 Jan 2004 17:31:57 -0000
Message-Id: <20040110173154.8A545D9CF@nix.gw.com>
Date: Sat, 10 Jan 2004 12:31:54 -0500 (EST)
From: kim@tac.nyc.ny.us (Kimmo Suominen)
Sender: gnats-bugs-owner@NetBSD.org
To: gnats-bugs@gnats.NetBSD.org
Subject: mailman-2.1.3 check_perms errors
X-Send-Pr-Version: 3.95
>Number: 24041
>Category: pkg
>Synopsis: mailman-2.1.3 check_perms errors
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: pkg-manager
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sat Jan 10 17:32:00 +0000 2004
>Closed-Date: Sun Jan 05 14:40:51 +0000 2020
>Last-Modified: Sun Jan 05 14:40:51 +0000 2020
>Originator: Kimmo Suominen
>Release: NetBSD 1.6ZG / pkgsrc 2003-12-27
>Organization:
_ _
| |_(_)_ __
| / / | ' \ Kimmo Suominen
|_\_\_|_|_|_| kim@tac.nyc.ny.us
>Environment:
System: NetBSD nix.gw.com 1.6ZG NetBSD 1.6ZG (GW-GENERIC) #63: Sat Dec 27 21:40:17 EST 2003 kim@nix.gw.com:/usr/src/sys/arch/i386/compile/GW-GENERIC i386
Architecture: i386
Machine: i386
>Description:
Running /usr/pkg/lib/mailman/bin/check_perms identifies 106 errors,
and exits with a traceback due to a ".pkgsrc" file.
>How-To-Repeat:
directory must be at least 02775: /var/db/mailman
directory must be at least 02775: /usr/pkg/lib/mailman
directory permissions must be 0775: /usr/pkg/lib/mailman/support
directory permissions must be 0775: /usr/pkg/lib/mailman/bin
directory permissions must be 0775: /usr/pkg/lib/mailman/templates
directory permissions must be 0775: /usr/pkg/lib/mailman/scripts
directory permissions must be 0775: /usr/pkg/lib/mailman/cron
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman
directory permissions must be 0775: /usr/pkg/lib/mailman/messages
directory permissions must be 0775: /usr/pkg/lib/mailman/icons
directory permissions must be 0775: /usr/pkg/lib/mailman/tests
directory permissions must be 0775: /usr/pkg/lib/mailman/cgi-bin
directory permissions must be 0775: /usr/pkg/lib/mailman/mail
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/big5
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/cs
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/de
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/en
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/es
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/et
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/eu
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/fi
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/fr
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/gb
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/hu
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/it
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/ja
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/ko
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/lt
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/nl
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/no
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/pl
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/pt
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/pt_BR
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/ru
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/sr
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/sv
directory permissions must be 0775: /usr/pkg/lib/mailman/templates/uk
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/email
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/japanese
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/lib
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/korean
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/japanese/python
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/japanese/c
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/japanese/mappings
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/japanese/aliases
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/lib/python2.2
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/lib/python2.2/site-packages
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/korean/mappings
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/korean/c
directory permissions must be 0775: /usr/pkg/lib/mailman/pythonlib/korean/python
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/Cgi
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/Logging
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/Archiver
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/Handlers
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/Queue
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/Bouncers
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/MTA
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/Gui
directory permissions must be 0775: /usr/pkg/lib/mailman/Mailman/Commands
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/cs
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/da
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/de
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/es
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/et
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/eu
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/fi
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/fr
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/hu
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/it
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/ja
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/ko
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/lt
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/nl
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/no
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/pl
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/pt
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/pt_BR
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/ru
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/sr
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/sv
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/uk
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/cs/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/da/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/de/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/es/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/et/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/eu/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/fi/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/fr/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/hu/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/it/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/ja/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/ko/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/lt/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/nl/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/no/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/pl/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/pt/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/pt_BR/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/ru/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/sr/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/sv/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/messages/uk/LC_MESSAGES
directory permissions must be 0775: /usr/pkg/lib/mailman/tests/bounces
directory permissions must be 0775: /usr/pkg/lib/mailman/tests/msgs
/var/db/mailman/archives/private must not be other-readable
/usr/pkg/lib/mailman/mail/mailman must be set-gid
Traceback (most recent call last):
File "/usr/pkg/lib/mailman/bin/check_perms", line 373, in ?
checkdata()
File "/usr/pkg/lib/mailman/bin/check_perms", line 327, in checkdata
mode = statmode(path)
File "/usr/pkg/lib/mailman/bin/check_perms", line 87, in statmode
return os.stat(path)[ST_MODE]
OSError: [Errno 20] Not a directory: '/var/db/mailman/lists/.pkgsrc/config.pck'
>Fix:
I'm not sure how to prevent the ".pkgsrc" file from being created.
Could it be removed from an INSTALL script?
The permissions could possibly be best fixed by running "check_perms -f"
as the last step of the installation.
>Release-Note:
>Audit-Trail:
Responsible-Changed-From-To: pkg-manager->kim
Responsible-Changed-By: kim@netbsd.org
Responsible-Changed-When: Sat, 25 Dec 2004 16:55:20 +0000
Responsible-Changed-Why:
i'm taking care of this
State-Changed-From-To: open->closed
State-Changed-By: kim@netbsd.org
State-Changed-When: Sat, 25 Dec 2004 16:55:20 +0000
State-Changed-Why:
problem fixed
From: Kimmo Suominen <kim@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: PR/24041 CVS commit: pkgsrc/mail/mailman
Date: Sat, 25 Dec 2004 16:55:33 +0000 (UTC)
Module Name: pkgsrc
Committed By: kim
Date: Sat Dec 25 16:55:33 UTC 2004
Modified Files:
pkgsrc/mail/mailman: Makefile PLIST
Added Files:
pkgsrc/mail/mailman/files: DEINSTALL INSTALL
Log Message:
Change permissions of installed files to match what is required by
the software to work. Run "check_perms -f" to make sure permissions
are correct (it still fixes a setgid problem with "mail/mailman").
Remove mm_cfg.pyc (compiled copy of mm_cfg.py) always, so the package
can be deinstalled cleanly.
Closes PR pkg/24041.
To generate a diff of this commit:
cvs rdiff -r1.15 -r1.16 pkgsrc/mail/mailman/Makefile
cvs rdiff -r1.4 -r1.5 pkgsrc/mail/mailman/PLIST
cvs rdiff -r0 -r1.1 pkgsrc/mail/mailman/files/DEINSTALL \
pkgsrc/mail/mailman/files/INSTALL
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
From: Soren Jacobsen <snj@netbsd.org>
To: gnats-bugs@netbsd.org
Cc:
Subject: PR/24041 CVS commit: [pkgsrc-2004Q4] pkgsrc/mail/mailman
Date: Tue, 22 Feb 2005 22:13:28 +0000 (UTC)
Module Name: pkgsrc
Committed By: snj
Date: Tue Feb 22 22:13:28 UTC 2005
Modified Files:
pkgsrc/mail/mailman [pkgsrc-2004Q4]: Makefile PLIST distinfo
Added Files:
pkgsrc/mail/mailman [pkgsrc-2004Q4]: DEINSTALL INSTALL
pkgsrc/mail/mailman/patches [pkgsrc-2004Q4]: patch-ai
Log Message:
Pullup ticket 304 - requested by Lubomir Sedlacik
security fix for mailman
Revisions pulled up:
- pkgsrc/mail/mailman/Makefile 1.16,1.19
- pkgsrc/mail/mailman/PLIST 1.5
- pkgsrc/mail/mailman/files/DEINSTALL 1.1
- pkgsrc/mail/mailman/files/INSTALL 1.1
- pkgsrc/mail/mailman/distinfo 1.5
- pkgsrc/mail/mailman/patches/patch-ai 1.1
Module Name: pkgsrc
Committed By: kim
Date: Sat Dec 25 16:55:33 UTC 2004
Modified Files:
pkgsrc/mail/mailman: Makefile PLIST
Added Files:
pkgsrc/mail/mailman/files: DEINSTALL INSTALL
Log Message:
Change permissions of installed files to match what is required by
the software to work. Run "check_perms -f" to make sure permissions
are correct (it still fixes a setgid problem with "mail/mailman").
Remove mm_cfg.pyc (compiled copy of mm_cfg.py) always, so the package
can be deinstalled cleanly.
Closes PR pkg/24041.
---
Module Name: pkgsrc
Committed By: tv
Date: Mon Feb 14 16:56:38 UTC 2005
Modified Files:
pkgsrc/mail/mailman: Makefile distinfo
Added Files:
pkgsrc/mail/mailman/patches: patch-ai
Log Message:
Apply patch from Mailman maintainers to fix vulnerability described in:
http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0202
To generate a diff of this commit:
cvs rdiff -r0 -r1.1.2.1 pkgsrc/mail/mailman/DEINSTALL \
pkgsrc/mail/mailman/INSTALL
cvs rdiff -r1.15 -r1.15.2.1 pkgsrc/mail/mailman/Makefile
cvs rdiff -r1.4 -r1.4.8.1 pkgsrc/mail/mailman/PLIST
cvs rdiff -r1.4 -r1.4.4.1 pkgsrc/mail/mailman/distinfo
cvs rdiff -r0 -r1.1.2.1 pkgsrc/mail/mailman/patches/patch-ai
Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.
State-Changed-From-To: closed->open
State-Changed-By: joerg@narn.netbsd.org
State-Changed-When: Tue, 05 Feb 2008 23:58:56 +0000
State-Changed-Why:
I would like to reevaluate this problem.
The current permissions are IMO completely wrong. Mailman
should not be able to write to the code (e.g. lib/mailman)
and the only files that should need group mailman are the
cgi-bin scripts. Can any user mailman user confirm that
chown -R root:wheel /usr/pkg/lib/mailman
chmod -R g-w /usr/pkg/lib/mailman
chgrp -R mailman /usr/pkg/lib/mailman/cgi-bin/*
chmod g+s /usr/pkg/lib/mailman/cgi-bin/*
does not break mailman? I think the check_perms script is broken
for the separate var_prefix case.
Responsible-Changed-From-To: kim->pkg-manager
Responsible-Changed-By: kim@NetBSD.org
Responsible-Changed-When: Sun, 05 Jan 2020 14:09:03 +0000
Responsible-Changed-Why:
I'm not able to re-evaluate this, as I don't use mailman
anymore and I wouldn't have a test suite either.
State-Changed-From-To: open->closed
State-Changed-By: kim@NetBSD.org
State-Changed-When: Sun, 05 Jan 2020 14:40:51 +0000
State-Changed-Why:
I'm the originator and do not have a problem anymore.
>Unformatted:
(Contact us)
$NetBSD: gnats-precook-prs,v 1.4 2018/12/21 14:20:20 maya Exp $
$NetBSD: gnats_config.sh,v 1.9 2014/08/02 14:16:04 spz Exp $
Copyright © 1994-2017
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home