aboutsummaryrefslogtreecommitdiffstats
path: root/contrib/README.check_perms_grsecurity
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--contrib/README.check_perms_grsecurity14
1 files changed, 14 insertions, 0 deletions
diff --git a/contrib/README.check_perms_grsecurity b/contrib/README.check_perms_grsecurity
new file mode 100644
index 00000000..6d1d0389
--- /dev/null
+++ b/contrib/README.check_perms_grsecurity
@@ -0,0 +1,14 @@
+The check_perms_grsecurity.py script, if copied in your installed
+~mailman/bin/ directory and run from there will modify permissions of
+files so that Mailman with extra restrictions imposed by linux kernel security
+patches like securelinux/openwall in 2.2.x or grsecurity in 2.4.x
+
+The way it works is that it makes sure that the UID of any script that
+touches config.pck is `mailman'. What this means however is that
+scripts in ~mailman/bin will now only work if run as user mailman or
+root (the script then changes its UID and GID to mailman).
+To make grsecurity happy, we remove the group writeable bit on a directories
+that contain binaries.
+
+Enjoy
+Marc MERLIN <marc_soft@merlins.org>/<marc_bts@vasoftware.com> - 2001/12/10
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-22 15:15:20 +0000