Package: sympa
Version: 5.2.3-0.5
Severity: normal

/usr/lib/sympa/bin/arc2webarc.pl:unless (getlogin() eq 'root') {
/usr/lib/sympa/bin/archived.pl: chown 'root', 'root', $wwsconf->{'arc_path'};
/usr/lib/sympa/bin/archived.pl:$( = $) = (getgrnam('root'))[2];
/usr/lib/sympa/bin/archived.pl:$< = $> = (getpwnam('root'))[2];
/usr/lib/sympa/bin/archived.pl:&POSIX::setuid((getpwnam('root'))[2]);
/usr/lib/sympa/bin/archived.pl:&POSIX::setgid((getgrnam('root'))[2]);
/usr/lib/sympa/bin/bounced.pl:$( = $) = (getgrnam('root'))[2];
/usr/lib/sympa/bin/bounced.pl:$< = $> = (getpwnam('root'))[2];
/usr/lib/sympa/bin/bounced.pl:&POSIX::setuid((getpwnam('root'))[2]);
/usr/lib/sympa/bin/bounced.pl:&POSIX::setgid((getgrnam('root'))[2]);
/usr/lib/sympa/bin/mod2html.pl:$( = $) = (getgrnam('root'))[2];
/usr/lib/sympa/bin/mod2html.pl:$< = $> = (getpwnam('root'))[2];
/usr/lib/sympa/bin/sympa.pl: $( = $) = (getgrnam('root'))[2];
/usr/lib/sympa/bin/sympa.pl: $< = $> = (getpwnam('root'))[2];
/usr/lib/sympa/bin/sympa.pl: &POSIX::setuid((getpwnam('root'))[2]);
/usr/lib/sympa/bin/sympa.pl: &POSIX::setgid((getgrnam('root'))[2]);
/usr/lib/sympa/bin/task_manager.pl:$( = $) = (getgrnam('root'))[2];
/usr/lib/sympa/bin/task_manager.pl:$< = $> = (getpwnam('root'))[2];
/usr/lib/sympa/bin/task_manager.pl:&POSIX::setuid((getpwnam('root'))[2]);
/usr/lib/sympa/bin/task_manager.pl:&POSIX::setgid((getgrnam('root'))[2]);
/usr/lib/sympa/bin/tools.pl: my $uid = (getpwnam('root'))[2];
/usr/lib/sympa/bin/tools.pl: my $gid = (getgrnam('root'))[2];
/usr/lib/sympa/bin/tpl2tt2.pl:#unless (getlogin() eq 'root') {
/usr/lib/sympa/bin/tpl2tt2.pl: chown 'root', 'root', $dest_path;
/usr/lib/sympa/bin/tpl2tt2.pl: chown 'root', 'root', $out_file;
/usr/lib/cgi-bin/sympa/wwsympa.fcgi: unless ($> eq (getpwnam('root'))[2]) {
/usr/lib/cgi-bin/sympa/wwsympa.fcgi: &wwslog('err','Config error: wwsympa should run with UID %s (instead of %s)', (getpwnam('root'))[2], $>);
/usr/lib/cgi-bin/sympa/wwsympa_sudo_wrapper.pl:exec '/usr/bin/sudo', '-u', 'root', '/usr/lib/cgi-bin/sympa/wwsympa.fcgi'

All those 'root' come from '--USER--' in the code, which itself comes from the configure option:

  --with-user=LOGIN       set sympa user name (default sympa)

Debian sets this option to root, because the sympa user does not exist yet at build time.

sympa runs as user sympa, so all those setuid and other chown will not have effect. Anyway, I don't feel comfortable with this and wouldn't like somebody else to see such code... and the last 'sudo' is... quite interesting.

Modifying autoconf to have --with-user for the code and --with-owner for the files, as in my package, has my preference. You will prefer, I think, modifying all those --USER-- before build. Maybe something more... less... than that:

find . -path './debian' -prune -o -type f -print -exec perl -i -pe "s%\'--USER--\'%\'sympa\'%" {} ';'

-- System Information:
Debian Release: 4.0
  APT prefers testing
  APT policy: (900, 'testing'), (200, 'unstable'), (10, 'experimental')
Architecture: i386 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-3-xen-amd64
Locale: LANG=fr_FR, LC_CTYPE=fr_FR (charmap=ISO-8859-1)

Versions of packages sympa depends on:
ii  adduser                      3.100        Add and remove users and groups
ii  debconf [debconf-2.0]        1.5.8        Debian configuration management sy
ii  libarchive-zip-perl          1.16-1       Module for manipulation of ZIP arc
ii  libc6                        2.3.6.ds1-8  GNU C Library: Shared libraries
ii  libcgi-fast-perl             5.8.8-6.1    CGI::Fast Perl module
ii  libcrypt-ciphersaber-perl    0.61-4       Perl module implementing CipherSab
ii  libdbd-mysql-perl            3.0008-1     A Perl5 database interface to the
ii  libdbi-perl                  1.53-1       Perl5 database interface by Tim Bu
ii  libfcgi-perl                 0.67-2       FastCGI Perl module
ii  libintl-perl                 1.16-1       Uniforum message translations syst
ii  libio-stringy-perl           2.110-1      Perl5 modules for IO from scalars
ii  libmailtools-perl            1.74-1       Manipulate email in perl programs
ii  libmd5-perl                  2.03-1       backwards-compatible wrapper for D
ii  libmime-perl                 5.420-0.1    Perl5 modules for MIME-compliant m
ii  libmsgcat-perl               1.03-3       Locale::Msgcat perl module
ii  libnet-ldap-perl             1:0.33-2     A Client interface to LDAP servers
ii  libtemplate-perl             2.14-1       template processing system written
ii  libxml-libxml-perl           1.59-2       Perl module for using the GNOME li
ii  mhonarc                      2.6.16-1     Mail to HTML converter
ii  perl [libmime-base64-perl]   5.8.8-6.1    Larry Wall's Practical Extraction
ii  perl-suid                    5.8.8-6.1    Runs setuid Perl scripts
ii  postfix [mail-transport-agen 2.3.4-3      A high-performance mail transport
ii  sysklogd [system-log-daemon] 1.4.1-18     System Logging Daemon

Versions of packages sympa recommends:
ii  doc-base                     0.7.21       utilities to manage online documen
ii  logrotate                    3.7.1-3      Log rotation utility

-- debconf information:
* wwsympa/webserver_type: Apache
* sympa/listmaster: [EMAIL PROTECTED]
* wwsympa/wwsympa_url: http://test.u-picardie.fr/wws
* wwsympa/webserver_restart: true
* sympa/hostname: test.u-picardie.fr
* sympa/db_options:
  sympa/wwsympa_configured: true
* sympa/db_name: sympa
* sympa/db_type: MySQL
* sympa/db_configured: true
* sympa/db_hostname: localhost
* sympa/language: en_US
* sympa/use_db: true
  sympa/db_removeonpurge: false
* wwsympa/remove_spool: true
* sympa/db_user: sympa
* wwsympa/fastcgi: false
* sympa/use_wwsympa: true
  sympa/db_authtype: Ident-based
  sympa/db_port:
  sympa/remove_spool: false
* sympa/smime_support: false
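
A post-build check for the problem reported above, as an added example that is not part of the original report or of the sympa package: it lists every privilege-related call whose quoted account is not the expected run-as user, or is still the raw '--USER--' placeholder. The function names audit_runas and make_sample are hypothetical, the sample tree is constructed, and the check assumes the user and group share one name.

```shell
#!/bin/sh
# Added example, not Sympa or Debian code. Lints a built tree for the run-as
# account that configure's --with-user substituted for '--USER--'.

# audit_runas TREE EXPECTED
# Prints "file:line:match" for every privilege-related call whose quoted
# account is not EXPECTED (or is still the raw placeholder) and returns 1
# if there is at least one. Assumes user and group share the name EXPECTED.
audit_runas() {
    grep -rnoE \
        -e "'--USER--'" \
        -e "get(pw|gr)nam\('[^']*'\)" \
        -e "getlogin\(\) eq '[^']*'" \
        -e "chown '[^']*', *'[^']*'" \
        -e "'-u', *'[^']*'" \
        "$1" |
    awk -v want="$2" -F"'" '
        {   # even-numbered fields are the single-quoted strings
            for (i = 2; i <= NF; i += 2)
                if ($i != "-u" && $i != want) { print; bad++; break }
        }
        END { exit (bad > 0) }'
}

# make_sample DIR USER: constructed two-file tree shaped like the grep
# output in the report, as if built with --with-user=USER.
make_sample() {
    mkdir -p "$1/bin"
    cat > "$1/bin/bounced.pl" <<EOF
\$( = \$) = (getgrnam('$2'))[2];
\$< = \$> = (getpwnam('$2'))[2];
&POSIX::setuid((getpwnam('$2'))[2]);
EOF
    cat > "$1/bin/wwsympa_sudo_wrapper.pl" <<EOF
exec '/usr/bin/sudo', '-u', '$2', '/usr/lib/cgi-bin/sympa/wwsympa.fcgi';
EOF
}

tmp=$(mktemp -d)
make_sample "$tmp/debian-build" root     # what the report found
make_sample "$tmp/fixed-build" sympa     # after substituting the real account
audit_runas "$tmp/debian-build" sympa || echo "debian-build: run-as account is not sympa"
audit_runas "$tmp/fixed-build" sympa && echo "fixed-build: ok"
rm -rf "$tmp"
```

Run against an unpacked package tree or the build directory, a non-zero exit can fail the build before a root-substituted script ships.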