Re: Exim permissions

To: debian-user@lists.debian.org
Subject: Re: Exim permissions
From: Pigeon <jah.pigeon@ukonline.co.uk>
Date: Sun, 1 Dec 2002 00:35:05 +0000
Message-id: <[🔎] 20021201003505.A16898@pigeon>
In-reply-to: <[🔎] 8765ue8z2d.fsf@rattler.some-dsl-address.sbcglobal.net>; from Shyamal Prasad on Sat, Nov 30, 2002 at 04:36:42PM -0600
References: <[🔎] 8765ue8z2d.fsf@rattler.some-dsl-address.sbcglobal.net>

On Sat, Nov 30, 2002 at 04:36:42PM -0600, Shyamal Prasad wrote:

> I have not read the exim source, but do try setting your real
> user/group identities to the mail user/group (=8 on Debian) before the
> system call. (man setuid, man setgid) It might work out.

Hey man, you rock! That works. I inserted setuid(8);setgid(8); and
we're off. (With the executable still setuid root, of course.) I had
previously tried with the executable both setuid and setgid mail, and
it didn't work. I take it that that would only change the effective
user ID, which is not enough to fool exim.

> Better still, use sudo and you will not have to do any C programming :-)

Even for your set real u/gid trick? - given that there's no setgid(1),
and setuid(1) doesn't let you set the gid as well? And it can manage
that without being a security hole? That's pretty neat.

Thanks,
Pigeon

Reply to:

References:
- Re: Exim permissions
  - From: Shyamal Prasad <shyamal.prasad@sbcglobal.net>

Prev by Date: Help configuring old mozilla compile
Next by Date: Wanna make sure I don't screw the list up!
Previous by thread: Re: Exim permissions
Next by thread: how to setup cgi
Index(es):
- Date
- Thread