Sadly not. Removing this assignment makes lighttpd handle these files statically, i.e. deliver them instead of executing them.
For testing, I have replaced /usr/lib/mailman/cgi-bin/admin with some wrapper script which prints it's arguments, the environment and stdin first before executing the real 'admin'. Strangely, there's nothing suspicous there. Despite digging through the mailman and python cgi code for a while now, I have no idea where the added parameter comes from. Do you have any idea where to continue searching for the bug's source? -- You received this bug notification because you are a member of Mailman Coders, which is subscribed to GNU Mailman. https://bugs.launchpad.net/bugs/1160647 Title: request forgery check displayed when only viewing admin pages To manage notifications about this bug go to: https://bugs.launchpad.net/mailman/+bug/1160647/+subscriptions _______________________________________________ Mailman-coders mailing list [email protected] http://mail.python.org/mailman/listinfo/mailman-coders
