On Mon, Jan 08, 2007 at 06:35:45PM +0000, Reuben Thomas wrote:
> >What exactly happens in your case? What is the exact error message?
>
> This is the case that I was hoping should work:
>
> $ sudo chmod u+s /usr/bin/maildrop
> $ ls -l /usr/bin/maildrop
> -rwsr-sr-x 1 root mail 162132 2006-10-08 23:11 /usr/bin/maildrop
> $ echo foo | maildrop -V2 -d root
> ERR: authdaemon: s_connect() failed: No such file or directory
> maildrop: You are not a trusted user.
>
> This case doesn't work, but there's no problem:
>
> $ sudo chmod u-s /usr/bin/maildrop
> $ ls -l /usr/bin/maildrop
> -rwxr-sr-x 1 root mail 162132 2006-10-08 23:11 /usr/bin/maildrop
> $ echo foo | maildrop -V2 -d root
> ERR: authdaemon: s_connect() failed: No such file or directory
> maildrop: Cannot set my user or group id.
Well, the solution to this is to have esmtp run that command either
as the user root, daemon or mail (the trusted users), or not use -d.
Can you do either of this?
If we made all users trusted, you would have a potentially unsafe setuid
binary that can be run and poked at by everyone.
If maildrop is not setuid root itself, normal users have no chance to
ever use -d <someoneelse>.
--
2. That which causes joy or happiness.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
