Ben wrote: > >I tried explicitly forcing permissions with 'chmod 777 config.pck', and >that made the Admin page work. So, the "660" permissions are the >problem, not the owner/group. However, when I tried the Admin page for >the list, I got "We're sorry, we hit a bug!" again: > >admin(4088): File "/usr/local/mailman/Mailman/MailList.py", line 512, >in __save >admin(4088): fp = open(fname_tmp, 'w') >admin(4088): IOError: [Errno 13] Permission denied: >'/usr/local/mailman/lists/friends/config.pck.tmp.LittleGuy.4088' > >This seems to be a widespread issue with Mailman under Cygwin - >permission don't behave as under Unix, so Mailman chokes easily. I >don't blame Mailman, I'm sure it's reasonable for it to expect >permissions to behave they way they should. > >However, at this point I'm wondering whether the Mailman + Cygwin >combination is workable. The Mailman website, Manual and FAQ reasonably >state that Mailman "does not currently work on Windows" and "some >source-code level changes are currently necessary to get Mailman working >under Cygwin" and "It probably does not work on Windows, although it's >possible you could get it running on a Cygwin system."
I think the above is a fair summary of the issue. I do have *test* mailman installs under Cygwin that work, but they are not accessable to the outside world. I don't know if it is possible to actually run Mailman in a secure way on a public server, because Mailman's security is based on SETGID wrappers, and I don't think SETGID actually works under Cygwin. >This makes me sad, as I had high hopes, as I cannot find any real >alternative to Mailman in the Windows world, neither free nor >commercial. All I wanted to do was to create a small mailing list on a >plain XP box, but it's become a week-long ordeal ending in frustration. > >I'm wide open to advice, although I suspect "Get a Linux machine" is the >likely response :( (I do have a Linux box, but this XP box is the >quiet, low-power always-on server machine in our office which runs our >website with Apache wonderfully, hence that's where I must install a >mailing list.) Here's how you can make it work. CAVEAT!! This will not be secure! (more below) >From your previous posts, I think your web server runs in the Administrators group. What are you running as a mail server? I use Exim under Cygwin and that works well and integrates well with Mailman. Anyway, your mail server needs to run in the Administrators group too. Then you need to make your mailman user a member of the Administrators group, not mm, and reconfigure Mailman with --with-groupname, --with-cgi-gid and --with-mail-gid all equal to Administrators. Then reinstall with 'make install' and run 'bin/check_perms -f' to make sure things are OK. You may need to change the group of your $prefix directory to Administrators before configure will run. Now everything will run in the Administrators group which will have permissions. The SETGID wrappers won't actually set group, but they will be run in the Administrators group anyway, so things will work. The problem is that Apache will now be able to access any Mailman files without going through the cgi-bin wrappers, so potentially, outside users can retrieve things like config.pck files that contain member lists and their passwords. You may be able to arrange the Apache config so that it is not possible to craft a URL that would retrieve files from Mailman directly. If so, you would be fairly safe, but I don't know much about this, so I don't know how easy or difficult this might be. Let us know how it works out. And if you have 'improvements' for FAQ 5.2, please give us those too. -- Mark Sapiro <[EMAIL PROTECTED]> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org http://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://www.python.org/cgi-bin/faqw-mm.py Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: http://mail.python.org/mailman/options/mailman-users/archive%40jab.org Security Policy: http://www.python.org/cgi-bin/faqw-mm.py?req=show&file=faq01.027.htp
