This one time, at band camp, Olivier Salaün said:
> Starting with version 5.2, Sympa comes with a wrapper for wwsympa.fcgi 
> that makes it possible for wwsympa.fcgi to run as the 'sympa' user using SuDo. For 
> compatibility reasons this is not the default Sympa setup but it could 
> be the default Debian setup.
> 
> Check the related documentation:
> http://www.sympa.org/wiki/manual/web-interface#web_server_setup

Apache has its own suexec method.  Why can't it use that?  Aside from
this, sympa comes with 2 suid elf executables, which seems like a recipe
for security problems.  They appear to only be necessary for queue
injection, in which case I would prefer to just run the pipe as the
sympa user and not use suid binaries.  I don't know if that's possible
or not for upstream, but on Debian, where exim4 is the default MTA, it
certainly is.
-- 
 -----------------------------------------------------------------
|   ,''`.                                            Stephen Gran |
|  : :' :                                        [EMAIL PROTECTED] |
|  `. `'                        Debian user, admin, and developer |
|    `-                                     http://www.debian.org |
 -----------------------------------------------------------------
