mailman 2.1 tarball permissions

The tarball contains world writeable directories and
files by default. This
may be a problem on systems where users do not have a
sane umask or safe
directory permissions, allowing an attacker to modify
source code that is
later compiled (usually as root) and that is installed
setuid/setgid
(allowing for easy insertion of backdoors).
<email address hidden>

[http://sourceforge.net/tracker/index.php?func=detail&aid=664575&group_id=103&atid=100103]