/usr/lib/mailman/cgi-bin is fixed, but not /usr/lib/mailman, also I would recommend to also change all other dir perms to a more restrictive setting. best regards, Florian La Roche
OK, I've changed it (not committed so far) and this is what I have: [hanzz@dhcp-29-218 mailman]$ tree -pd . ├── [drwxr-sr-x] bin ├── [drwxr-sr-x] cgi-bin ├── [drwxr-xr-x] cron ├── [drwxr-sr-x] icons ├── [drwxr-sr-x] mail ├── [drwxr-xr-x] Mailman │ ├── [drwxr-sr-x] Archiver │ ├── [drwxr-sr-x] Bouncers │ ├── [drwxr-sr-x] Cgi │ ├── [drwxr-sr-x] Commands │ ├── [drwxr-sr-x] Gui │ ├── [drwxr-sr-x] Handlers │ ├── [drwxr-sr-x] Logging │ ├── [drwxr-sr-x] MTA │ └── [drwxr-sr-x] Queue ├── [drwxr-sr-x] messages ├── [drwxr-sr-x] pythonlib ├── [drwxr-sr-x] scripts ├── [drwxr-sr-x] templates └── [drwxrwsr-x] tests ├── [drwxrwsr-x] bounces └── [drwxrwsr-x] msgs 131 directories I think it's OK, but if you see something bad there, please tell me.
Hello Jan, I've just put in the following change, but didn't do any further detailed review: @@ -194,6 +193,7 @@ # Normal install. make DESTDIR=$RPM_BUILD_ROOT install #make install prefix=$RPM_BUILD_ROOT%{mmdir} var_prefix=$RPM_BUILD_ROOT%{varmmdir} +chmod g-w -R $RPM_BUILD_ROOT%{mmdir} # Install the mailman init.d script mkdir -p $RPM_BUILD_ROOT/etc/rc.d/init.d best regards, Florian La Roche
Fixed it in rawhide yesterday.