diff options
author | bwarsaw <> | 2003-12-14 17:57:40 +0000 |
---|---|---|
committer | bwarsaw <> | 2003-12-14 17:57:40 +0000 |
commit | 87bd68cb93a11cf332fc62074009e0ba2c4e9c9f (patch) | |
tree | 02b8b9788d57e08d8471bfc77fc0fc1735b49e7b | |
parent | 4f72de6d37ea20aeef90e87312c2dd3f1e23202c (diff) | |
download | mailman2-87bd68cb93a11cf332fc62074009e0ba2c4e9c9f.tar.gz mailman2-87bd68cb93a11cf332fc62074009e0ba2c4e9c9f.tar.xz mailman2-87bd68cb93a11cf332fc62074009e0ba2c4e9c9f.zip |
check_privs(): Set the process's supplemental groups to those of the
setuid'd user, if os.setgroup() is available (it's not in Python
2.1). Close SF bug #777444 posted by Richard Barrett, identified and
solved by Jonas Muerer.
-rw-r--r-- | bin/mailmanctl | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/bin/mailmanctl b/bin/mailmanctl index 4ebeb836..d49309ea 100644 --- a/bin/mailmanctl +++ b/bin/mailmanctl @@ -288,6 +288,13 @@ def check_privs(): uid = pwd.getpwnam(mm_cfg.MAILMAN_USER)[2] myuid = os.getuid() if myuid == 0: + groups = [x[2] for x in grp.getgrall() if mm_cfg.MAILMAN_USER in x[3]] + groups.append(gid) + try: + os.setgroups(groups) + except AttributeError: + # Python 2.1 doesn't have setgroups + syslog('error', 'Warning: unable to setgroups(%s)' % groups) os.setgid(gid) os.setuid(uid) elif myuid <> uid: |