On Mon, 2004-09-20 at 05:53, Felix Cuello wrote:
> On Sun, Sep 19, 2004 at 09:26:42PM -0700, Carl P. Corliss wrote:
> > Better yet, only update it when you absolute need to (meaning: only when
> > you are checking mail or making a change to your mailbox by deleting,
> > moving or renaming). That
On Sun, Sep 19, 2004 at 09:21:29PM -0300, Felix Cuello wrote:
> [...]
As Derrick said, I'm executing the program with setuid and that's working. I
don't know if there is another way to do that. The PERL script just control
malicious user string and user string size and C program open /var/imap/quo
On Sun, Sep 19, 2004 at 09:26:42PM -0700, Carl P. Corliss wrote:
> Better yet, only update it when you absolute need to (meaning: only when
> you are checking mail or making a change to your mailbox by deleting,
> moving or renaming). That should work - of course providing your web portal
> is f
Michael Loftis wrote:
[snip]
> Read it once, and then cache the result in the session information (or
> even in a cookie) along with a 'freshness' -- and when the timeout has
> expired, re-check it (say 1 minute, or five). Same thing with the LDAP
> auth. Re-authing every single page load is not n
--On Sunday, September 19, 2004 21:10 -0300 Felix Cuello <[EMAIL PROTECTED]>
wrote:
On Sun, Sep 19, 2004 at 09:55:45PM -0500, Edward Rudd wrote:
What's wrong with just making an imap connect to ask for the quota root?
(you don't have to run cyradm to check quatas..)
Is to slow to do that in ever
On Sun, 19 Sep 2004, Felix Cuello wrote:
So write simple C code and exec it (and collect the result) from perl?
That's the problem... PERL is running as apache access. I wrote C code and
Right, that's why I suggested writing a C program, making it setuid and
executing, not linking in via xs. Setui
On Sun, Sep 19, 2004 at 10:49:03PM -0400, Derrick J Brashear wrote:
> So write simple C code and exec it (and collect the result) from perl?
That's the problem... PERL is running as apache access. I wrote C code and
compile it [using h2xs] as PERL Package [because i don't want to do an exec].
The p
On Sun, Sep 19, 2004 at 09:55:45PM -0500, Edward Rudd wrote:
> What's wrong with just making an imap connect to ask for the quota root?
> (you don't have to run cyradm to check quatas..)
Is to slow to do that in every page viewed by users [login with ldap access,
then check imap quota]. Because the
On Sun, 2004-09-19 at 18:32, Felix Cuello wrote:
> Hello,
>
>I wrote a small C program to access to quota files without ask cyrus. This
>program run under mail group.
>I noticed when something change in the mailbox [deleting mails, receiving
>mails, etc] the /var/imap/quota permiss
On Sun, Sep 19, 2004 at 10:15:20PM -0400, Derrick J Brashear wrote:
> In general programs which access the mail store run as the cyrus user.
> Inasmuch as this should be being done at all, your program should be
> setuid cyrus. I don't think doing this is a good idea in general, though.
Is a req
On Sun, 19 Sep 2004, Felix Cuello wrote:
Inasmuch as this should be being done at all, your program should be
setuid cyrus. I don't think doing this is a good idea in general, though.
Then i wrote a simple C code and compile that as a PERL Package, then i have
direct access to their quota. Apache
On Sun, 19 Sep 2004, Felix Cuello wrote:
Hello,
I wrote a small C program to access to quota files without ask cyrus. This
program run under mail group.
I noticed when something change in the mailbox [deleting mails, receiving
mails, etc] the /var/imap/quota permissions are resetted to:
-
Hello,
I wrote a small C program to access to quota files without ask cyrus. This
program run under mail group.
I noticed when something change in the mailbox [deleting mails, receiving
mails, etc] the /var/imap/quota permissions are resetted to:
-rw--- cyrus.mail
Then ma
13 matches
Mail list logo
