Re: Exim permissions
On Sat, Nov 30, 2002 at 04:36:42PM -0600, Shyamal Prasad wrote:
> I have not read the exim source, but do try setting your real
> user/group identities to the mail user/group (=8 on Debian) before the
> system call. (man setuid, man setgid) It might work out.
Hey man, you rock! That works. I inserted setuid(8);setgid(8); and
we're off. (With the executable still setuid root, of course.) I had
previously tried with the executable both setuid and setgid mail, and
it didn't work. I take it that that would only change the effective
user ID, which is not enough to fool exim.
> Better still, use sudo and you will not have to do any C programming :-)
Even for your set real u/gid trick? - given that there's no setgid(1),
and setuid(1) doesn't let you set the gid as well? And it can manage
that without being a security hole? That's pretty neat.
Thanks,
Pigeon
Reply to: