Mailman 2.1.5 mass subscription fails
I'm running Sarge, with Apache and mod_security in place. I found that I
had to disable mod_chroot to get mailman working, because python isn't
in the chroot jail. Is there any way to get mod_chroot working with
mailman?
More importantly, even with mod_chroot off, when I attempt to access the
mass subscription option for a list, I get a 403 error:
Forbidden
You don't have permission to access
/cgi-bin/mailman/admin/testlist/members/add on this server.
This seems to be the offending line in the mod_security configuration
file:
SecFilterSelective HTTP_Content-Type
"!(^$|^application/x-www-form-urlencoded$|^multipart/form-data)"
Obviously, the problem is that form-data is being denied. I want to
enable it for mailman, but disable it elsewhere. Is there a simple and
secure way to do that?
--
Re-Interpreting Historic Miracles with SED #141: %s/water/wine/g
Reply to: