mailmanctl check_privs should check effective uid, not real uid
Bug #1491187 reported by
Mark Sapiro
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| GNU Mailman |
Fix Released
|
Medium
|
Mark Sapiro | ||
Bug Description
Situations can arise where mailmanctl is running with an effective uid of 'mailman' and a real uid of 'root'. Such a situation is if logrotate does 'su mailman mailman' to rotate mailman's logs and then invokes 'mailmanctl reopen' in a postrotate script.
In this case, mailmanctl gets its real uid which is 'root' and then tries to do os.setgroups, but the effective uid is 'mailman' which doesn't have permission to set groups.
| Changed in mailman: | |
| milestone: | 2.1.21 → 2.1.21rc1 |
| status: | In Progress → Fix Released |
To post a comment you must log in.
