Christoph Anton Mitterer writes:
On Sun, 2010-01-10 at 12:29 -0500, Sam Varshavchik wrote:This depends on the maildrop configuration, but generally setgroupid won't have any effect if maildrop is invoked as root, since maildrop will use the userid specified by the -d option to set its running group and userid anyway.Uhm... what does this mean? It definitely has root-group permissions.... (at least the Debian version) ;)
If maildrop runs as root, maildrop can set its userid and groupid, maildrop drops root according to the userid and groupid that's specified by the -d option. The group id that maildrop gets invoked as, is irrelevant as long as the userid is root. The root uid is sufficient for any process to change its gid and uid. So, when maildrop is invoked by root, its group id, whether natural or if set by the setgroupid bit, has no effect.
pgpvGVcnNMw4R.pgp
Description: PGP signature
