[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: sendmail and setgroups()

On Wed, 2 May 2001, Shane Wegner wrote:

> The current SendMail in unstable appears to be doing a
> setgroups() call when it does not have superuser
> privileges.  I am getting the following on a regular basis
> from my lids kernel.
> LIDS: sendmail (9 2 inode 32909) pid 19760 user (8/8) on
> NULL tty: more CAP_SETGID violation: Try to
> setgroups,logging disabled for 10 seconds
> It only loggs this when setgroups() is called and the user
> is not root.  Do you have any idea what this could be?

Yeah, its part of the recent security updates sendmail is pushing
for the 8.12.0 release.

They've already received a report on this, I'll second it so we
can see if they'll do the SETGID only if running root.
Rick Nelson
<jim> Lemme make sure I'm not wasting time here... bcwhite will remove
      pkgs that havent been fixed that have outstanding bugs of severity
      "important".  True or false?
<JHM> jim: "important" or higher.  True.
<jim> Then we're about to lose ftp.debian.org and dpkg :)
* netgod will miss dpkg -- it was occasionally useful
<Joey> We still have rpm....

Reply to: