Sympa Mailing List manager – suidperl module

  • #356049
    ElgertS
    Participant

    Has anyone worked with suidperl? I can’t find what to install in CPAN or anywhere else for that matter. Googling gets lots of CERT security advisories, but no installer info. Sympa needs this for the web interface to function.

    #356065
    ElgertS
    Participant

    I have not found a way to install suidperl on OS X Server yet and have been given some notes from the Sympa user list regarding an alternative solution involving changing the Apache user to Sympa. Does anyone know how to achieve this? I would imagine this must happen in NetInfo.

    Here are the emails I received regarding this issue:

    [quote:1fe0b6aa4b]If you don’t have suidperl on MacOS then you should unset the SetUID bit on wwsympa.fcgi (chmod u-s).
    Then you have 3 solutions to run wwsympa.fcgi as the ‘sympa’ user :

    1. Make your main Apache server run as user ‘sympa’
    2. If you can not, run an Apache Virtual Host as user ‘sympa’
    3. Have a try with sudo : http://www.courtesan.com/sudo/

    Please let us know if you have some news about suidperl and MacOS…
    [/quote:1fe0b6aa4b]

    In addition to this one:

    [quote:1fe0b6aa4b]Have a look at the first line of wwsympa. It must look like #!/usr/bin/perl; just replace it with #!/usr/bin/perl -u

    The best solution is probably to run apache as user sympa: there are 2 ways to do it

    - add the “uid” and “gid” apache parameters in httpd.conf; look at it on apache.org

    - modify /etc/passwd and select the same uid/gid for both httpd|apache and for sympa
    [/quote:1fe0b6aa4b]
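
A check for the state the first quoted e-mail asks for (setuid bit cleared with `chmod u-s`), written as an added example that is not part of the original posts or of Sympa. The function name `audit_fcgi` is hypothetical, the path and expected owner are passed in as arguments, and the group/world-writable check is an assumption that goes beyond what the e-mails mention.

```shell
#!/bin/sh
# Added example: audit a CGI script after the setuid bit has been dropped.
# audit_fcgi PATH EXPECTED_OWNER   (hypothetical helper, not part of Sympa)
# Prints one finding per line; returns 0 only if nothing is flagged.
audit_fcgi() {
    f=$1
    want_owner=$2
    rc=0

    if [ ! -f "$f" ]; then
        echo "MISSING: $f is not a regular file"
        return 2
    fi

    # Without suidperl the setuid bit has to be cleared (chmod u-s).
    if [ -u "$f" ]; then
        echo "SETUID: $f still has the setuid bit set; run chmod u-s"
        rc=1
    fi

    # Fields 1 and 3 of ls -ld are the mode string and the owner name.
    mode=$(ls -ld "$f" | awk '{print $1}')
    owner=$(ls -ld "$f" | awk '{print $3}')

    # Confirm the file belongs to the account the administrator expects.
    if [ "$owner" != "$want_owner" ]; then
        echo "OWNER: $f is owned by $owner, expected $want_owner"
        rc=1
    fi

    # Assumption beyond the e-mails: a script executed by the web server
    # should not be writable by group (6th char) or others (9th char).
    case "$mode" in
        ?????w*|????????w*)
            echo "WRITABLE: $f is group- or world-writable ($mode)"
            rc=1
            ;;
    esac

    return $rc
}

# Run the audit when called with a path and an owner name.
if [ "$#" -ge 2 ]; then
    audit_fcgi "$1" "$2"
fi
```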

    #356066
    ElgertS
    Participant

    The DBD::mysql perl module was recently patched and the update broke Sympa. Sympa was patched the next day, so you need to install or update to version 3.4.4.2 if you update or install the new DBD::mysql module.
