
Re: Policy question



John Goerzen writes ("Policy question"):
...
> The situation is this.  There is a mailing list management program that
> needs to run setuid to its particular uid (created by adduser in postinst). 
> It also ought to run setgid to its particular gid (again, created by adduser
> in postinst.)  It is intended to be run only by a MTA, and as a security
> precaution (since it is setuid/setgid), it is best not to let anyone execute
> it (also, it would be very easy to forge messages that way.)

In fact, you don't mean that it needs to run setuid.  It merely needs
to be run _as_ a particular uid.  There are several ways of achieving
this other than setuid.  Two that I can think of that I'd recommend to
you are:

* userv, which Wichert has already mentioned.

* Most MTAs can be configured to run particular sets of aliases
etc. as particular users and/or groups.

Ian.

