savannah-hackers

[Savannah-hackers] Re: Mailing lists support at Savannah


From: James E. Blair
Subject: [Savannah-hackers] Re: Mailing lists support at Savannah
Date: Tue, 26 Oct 2004 17:56:46 -0400
User-agent: Gnus/5.1006 (Gnus v5.10.6) Emacs/21.3 (gnu/linux)

Sylvain Beucler <address@hidden> writes:

> Hi,
>
> We are planning to add the basic Mailman support in Savannah. There is
> a recent script in Savane called "sv_mailman" that does the job
> locally.

I've discussed this with others here at the office and we don't think
this is the best approach.

When we rebuilt savannah we audited all of the Perl scripts and
improved the coding conventions used in those scripts to make them
more secure.  They were written with a number of flaws that could be
exploited by attackers to gain local access.  sv_mailman does not
incorporate the kind of security-conscious coding that we would like
to see running on savannah.  Further, some of the improvements we have
made to other system scripts seem to have been reverted.  I'm not
talking about functional changes -- obviously all the savannah hackers
have done a lot of work to bring the system back to a usable state --
but rather changes in programming that have an adverse impact on
security.

If you would like, we can re-audit the savannah backend and point out
the problems and solutions, as well as guide you in more
security-conscious programming for the types of things that the
savannah backend scripts are doing.

When we made the new Associate Membership system, we had a similar
problem, in that agia.fsf.org needs to manage a mailing list on
lists.gnu.org.  We designed a system similar to the way we do
savannah web checkouts on www.gnu.org, and we designed it with
savannah in mind.

We considered doing remote mysql reads as you suggested, but we don't
want to expose mysql to the network.  A compromise of savannah's
database would be as bad as a compromise of the whole system.  Instead
you can create a list and update its membership by hitting URLs on the
web server on lists.gnu.org.  It's currently restricted to agia by IP,
but we can add savannah when you're ready.

You can read about how to use it at:

lists.gnu.org:/home/list/README.update.py

You might be able to copy the code we use for www.gnu.org and adapt it
for use in sv_mailman.  We could also do that work instead if you
want.

-Jim
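The design Jim describes (no network-exposed MySQL; an IP-restricted web endpoint that creates lists and updates membership) hinges on the endpoint trusting nothing from the request. The following is an added illustration of that gatekeeping, not the code in README.update.py or anything from savannah; the allow-listed address, parameter names and name/address patterns are assumptions.

```python
import ipaddress
import re
from urllib.parse import parse_qs

# Hosts permitted to call the membership endpoint. Constructed sample value;
# the real deployment restricts callers by IP (agia, later savannah).
ALLOWED_CALLERS = {ipaddress.ip_address("192.0.2.10")}

# Assumed shapes for a Mailman list name and a subscriber address. Strict
# patterns keep path separators, shell metacharacters and spaces out of
# anything later handed to Mailman's command-line tools.
LIST_NAME_RE = re.compile(r"^[a-z0-9][a-z0-9_.-]{0,63}$")
EMAIL_RE = re.compile(r"^[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}$")
ACTIONS = {"add", "remove"}


def handle_update(client_ip, query_string):
    """Check one membership-update request (hypothetical parameter names).

    Returns (status, payload): an HTTP-style status and either the validated
    (action, list, address) tuple or a short error string.
    """
    try:
        ip = ipaddress.ip_address(client_ip)
    except ValueError:
        return 400, "bad client address"
    # Source-IP restriction first: unknown hosts never reach the parser.
    if ip not in ALLOWED_CALLERS:
        return 403, "caller not allowed"
    params = parse_qs(query_string, keep_blank_values=True)
    # Require exactly one value per parameter; a missing key raises KeyError,
    # a repeated key makes the one-element unpack raise ValueError.
    try:
        (action,) = params["action"]
        (listname,) = params["list"]
        (address,) = params["address"]
    except (KeyError, ValueError):
        return 400, "missing or repeated parameter"
    if action not in ACTIONS:
        return 400, "unknown action"
    if not LIST_NAME_RE.match(listname):
        return 400, "bad list name"
    if not EMAIL_RE.match(address):
        return 400, "bad address"
    # Only now are the values safe to pass to Mailman as separate argv
    # elements (never interpolated into a shell command string).
    return 200, (action, listname, address)
```
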
