On 03/22/2017 08:18 AM, karrageorgiou.giannis--- via Mailman-Users wrote: > > I have a cgi program running under a site that > is NOT the one hosting the mailman's web > interface > (i.e. both mail.[domain] (mailman) and www.[domain] > are apache's virtual domains in the same system, > but under DIFFERENT user/group directives)
OK > The cgi program must generate userinfo lists > taking the email parts live from the list_members > stdout; when the various lists/*/config.pck are > world readable it works fine; but when their > permissions are reset/recreated, it breaks. > > Notice that I am not talking about the group > permissions, but world's. I even tried setting > an acl giving the cgi/httpd user read permissions > but again they get lost. This seems like a bad idea anyway. Does every list on your server have public archives and public list rosters? Anyone who can access a list's config.pck has access to the roster and the list passwords for all members. It seems making those files world readable is a very bad idea. > since there is no way to have the main site > under mailman's group, is there a way to > make mailman processes not ruin the world or > acl permissions on the */config.pck? Instead of that, just change the owner of the relevant Mailman files to the web server user of the other domain. This should allow that apache virtual domain to access the files, and as far as I know, no Mailman process will change the owner of these files and it won't matter for access from the mailman virtual domain because that's all controlled by group. You still will need to ensure that arbitrary visitors to the 'other' domain aren't able to retrieve those files, i.e. they are only accessible via your cgi and not via other URLs, but that should not be hard. You may also be interested in the 'members.c' program attached to <https://wiki.list.org/x/4030648>. -- Mark Sapiro <m...@msapiro.net> The highway is for gamblers, San Francisco Bay Area, California better use your sense - B. Dylan ------------------------------------------------------ Mailman-Users mailing list Mailman-Users@python.org https://mail.python.org/mailman/listinfo/mailman-users Mailman FAQ: http://wiki.list.org/x/AgA3 Security Policy: http://wiki.list.org/x/QIA9 Searchable Archives: http://www.mail-archive.com/mailman-users%40python.org/ Unsubscribe: https://mail.python.org/mailman/options/mailman-users/archive%40jab.org
