diff options
| author | Mark Sapiro <mark@msapiro.net> | 2018-06-11 09:59:26 -0700 |
|---|---|---|
| committer | Mark Sapiro <mark@msapiro.net> | 2018-06-11 09:59:26 -0700 |
| commit | d363c183a208a1ef34847656533cb818d7a7cf50 (patch) | |
| tree | 1481f31598316e141fba03af3e549b28fbef349b /Mailman/Utils.py | |
| parent | 0c2912a8d2a295a00260262cf6b7c01559d368b0 (diff) | |
| parent | 540452e22108455e4efebc8fa7340760a68607f7 (diff) | |
| download | mailman2-d363c183a208a1ef34847656533cb818d7a7cf50.tar.gz mailman2-d363c183a208a1ef34847656533cb818d7a7cf50.tar.xz mailman2-d363c183a208a1ef34847656533cb818d7a7cf50.zip | |
Implement security log.
Diffstat (limited to '')
| -rw-r--r-- | Mailman/Utils.py | 7 |
1 files changed, 6 insertions, 1 deletions
diff --git a/Mailman/Utils.py b/Mailman/Utils.py index 6038667b..9a3b4a8c 100644 --- a/Mailman/Utils.py +++ b/Mailman/Utils.py @@ -111,7 +111,12 @@ def list_exists(listname): # But first ensure the list name doesn't contain a path traversal # attack. if len(re.sub(mm_cfg.ACCEPTABLE_LISTNAME_CHARACTERS, '', listname)) > 0: - syslog('mischief', 'Hostile listname: %s', listname) + remote = os.environ.get('HTTP_FORWARDED_FOR', + os.environ.get('HTTP_X_FORWARDED_FOR', + os.environ.get('REMOTE_ADDR', + 'unidentified origin'))) + syslog('mischief', + 'Hostile listname: listname=%s: remote=%s', listname, remote) return False basepath = Site.get_listpath(listname) for ext in ('.pck', '.pck.last', '.db', '.db.last'): |