On Sun, Oct 19, 2008 at 11:33 PM, Rodolphe Pelloux-Prayer <[EMAIL PROTECTED]> wrote: > > As describe in the official guide [1], /usr/lib/ejabberd/priv/bin/epam should > be set root on execution.
No, I'm not going to make epam suid root. First, in Debian to use /etc/shadow for authentication it's sufficient to be sgid shadow. Second, if you use PAM with (for example) LDAP backend you don't have to make it suid root at all. If you in your environment want to keep epam binary suid root do ti yourself. To make sure its mode will not change on upgrade override it using dpkg-statoverride --add root root 04755 /usr/lib/ejabberd/priv/bin/epam Cheers! -- Sergei Golovan -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
