Re: MailMan Security patch for Woody Broken?
On Thu, Aug 15, 2002 at 09:22:51PM +0200, Florent Rougon wrote:
> Matt Zimmerman <mdz@debian.org> wrote:
>
> > Python 1.5.2 (#0, Jan 13 2002, 13:19:04) [GCC 2.95.4 20011223 (Debian prerelease)] on linux2
> > Copyright 1991-1995 Stichting Mathematisch Centrum, Amsterdam
> > >>> ''.lower()
> > Traceback (innermost last):
> > File "<stdin>", line 1, in ?
> > AttributeError: 'string' object has no attribute 'lower'
>
> Good shot, but the latest mailman in woody (2.0.11-1woody2) depends on
> python and python depends on python2.1 (>= 2.1.3-1), so I think there is
> something weird here.
>
> I'm bringing this discussion on debian-python. Please drop debian-devel
> on followups.
Two things to check;
1) does the mailman script start with "#!/usr/bin/python" or "#!/usr/bin/env
python"
2) does the user reporting the problem have a rogue copy of python 1.x
installed from source somewhere?
The current Debian Python policy does allow packaged scripts to begin with
"#!/usr/bin/env python", but it is discoraged because it can cause problems
like this when people have non-packaged pythons installed in /usr/local (or
anywhere on the path).
If mailman does use "#!/usr/bin/env python" I would argue that this is a low
priority bug.
--
----------------------------------------------------------------------
ABO: finger abo@minkirri.apana.org.au for more info, including pgp key
----------------------------------------------------------------------
Reply to: