Mailman 2.1.5 mass subscription fails

To: Debian User List <debian-user@lists.debian.org>
Subject: Mailman 2.1.5 mass subscription fails
From: "Todd A. Jacobs" <nospam@codegnome.org>
Date: Mon, 27 Feb 2006 10:48:36 -0800
Message-id: <[🔎] 20060227184835.GI1748@penguin.codegnome.org>
Mail-followup-to: debian-user@lists.debian.org

I'm running Sarge, with Apache and mod_security in place. I found that I
had to disable mod_chroot to get mailman working, because python isn't
in the chroot jail. Is there any way to get mod_chroot working with
mailman?

More importantly, even with mod_chroot off, when I attempt to access the
mass subscription option for a list, I get a 403 error:

    Forbidden
    You don't have permission to access
    /cgi-bin/mailman/admin/testlist/members/add on this server.

This seems to be the offending line in the mod_security configuration
file:

    SecFilterSelective HTTP_Content-Type
    "!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"

Obviously, the problem is that form-data is being denied. I want to
enable it for mailman, but disable it elsewhere. Is there a simple and
secure way to do that?

-- 
Re-Interpreting Historic Miracles with SED #141: %s/water/wine/g

Reply to:

Follow-Ups:
- Re: Mailman 2.1.5 mass subscription fails
  - From: "Todd A. Jacobs" <nospam@codegnome.org>

Prev by Date: Re: No xterm window by default?
Next by Date: Re: Mailman 2.1.5 mass subscription fails
Previous by thread: Re: CUPS - utterly puzzled
Next by thread: Re: Mailman 2.1.5 mass subscription fails
Index(es):
- Date
- Thread