This commit was manufactured by cvs2svn to create branch

'Release_2_1-maint'.
author: <> 2003-01-02 05:25:50 +0000
committer: <> 2003-01-02 05:25:50 +0000
commit: b132a73f15e432eaf43310fce9196ca0c0651465 (patch)
tree: c15f816ba7c4de99fef510e3bd75af0890d47441 /contrib/README.check_perms_grsecurity
download: mailman2-b132a73f15e432eaf43310fce9196ca0c0651465.tar.gz
mailman2-b132a73f15e432eaf43310fce9196ca0c0651465.tar.xz
mailman2-b132a73f15e432eaf43310fce9196ca0c0651465.zip
1 files changed, 14 insertions, 0 deletions
diff --git a/contrib/README.check_perms_grsecurity b/contrib/README.check_perms_grsecurity
new file mode 100644
index 00000000..6d1d0389
--- /dev/null
+++ b/contrib/README.check_perms_grsecurity
@@ -0,0 +1,14 @@
+The check_perms_grsecurity.py script, if copied in your installed
+~mailman/bin/ directory and run from there will modify permissions of
+files so that Mailman with extra restrictions imposed by linux kernel security
+patches like securelinux/openwall in 2.2.x or grsecurity in 2.4.x
+
+The way it works is that it makes sure that the UID of any script that
+touches config.pck is `mailman'. What this means however is that
+scripts in ~mailman/bin will now only work if run as user mailman or
+root (the script then changes its UID and GID to mailman).
+To make grsecurity happy, we remove the group writeable bit on a directories
+that contain binaries.
+
+Enjoy
+Marc MERLIN <marc_soft@merlins.org>/<marc_bts@vasoftware.com> - 2001/12/10
author	<>	2003-01-02 05:25:50 +0000
committer	<>	2003-01-02 05:25:50 +0000
commit	b132a73f15e432eaf43310fce9196ca0c0651465 (patch)
tree	c15f816ba7c4de99fef510e3bd75af0890d47441 /contrib/README.check_perms_grsecurity
download	mailman2-b132a73f15e432eaf43310fce9196ca0c0651465.tar.gz mailman2-b132a73f15e432eaf43310fce9196ca0c0651465.tar.xz mailman2-b132a73f15e432eaf43310fce9196ca0c0651465.zip