Subject: Re: [maildropl] Maildrop and UID/GID Settings
From: Tony Earnshaw (ton@hetnet.nl)
Date: Jul 4, 2007 6:35:57 am
List: net.sourceforge.lists.courier-maildrop

Sam Varshavchik wrote, on 04-07-2007 14:46:

[...]

In practice this doesn't work without the setuid bit being on. As maildrop is delivered in the rpm (at any rate), the perms are 555; on my rigs maildrop will not change UID to my virtual user, vmail, without suid.

Or, unless maildrop gets invoked by root.

Generally, when you leave it up to maildrop to locate the recipient's mailbox, by supplying the -d option, you need to set up your mail server software to invoke maildrop as root. This is also needed, in the default configuration, for maildrop to be able to connect to authdaemon's socket.

Postfix (in the personage of Wietse Venema) is dead against using root for any other service than master, which is a sort of inetd daemon, calling other processes/daemons. Attempts to deliver to maildrop by root (using pipe, for example) result in an immediate fatal error: I just tried ;)

Having /usr/bin/maildrop owner/group root and suid always worked for me and I haven't read of any security incidents reported for this setup.

--Tonni
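
An added example, not part of the thread: a POSIX shell check that reports which of the setups discussed above a maildrop binary falls under (invoked by root, owned by root with the setuid bit, or the rpm default of 555 with neither) and flags a binary that group or others can write to. The function names, verdict strings, the sample uid 89 and the use of GNU `stat -c` are assumptions of this example.

```shell
#!/bin/sh
# Added example (not from the thread). Verdict strings are this example's own.

# maildrop_uid_verdict MODE OWNER_UID INVOKER_UID
# MODE is the octal permission string as printed by `stat -c %a` (e.g. 555, 4555).
maildrop_uid_verdict() {
    md_mode=$((0$1))        # leading 0 makes the shell read the digits as octal
    md_owner=$2
    md_invoker=$3

    # A privileged binary that group or others can modify is unsafe in any setup.
    if [ $((md_mode & 022)) -ne 0 ]; then
        echo "writable-by-group-or-other"
    # Invoked by root: no setuid bit needed to change to the virtual user.
    elif [ "$md_invoker" -eq 0 ]; then
        echo "root-invoked"
    # Setuid bit set and owned by root: an unprivileged caller can still switch UID.
    elif [ $((md_mode & 04000)) -ne 0 ] && [ "$md_owner" -eq 0 ]; then
        echo "setuid-root"
    # Setuid to some other owner: not one of the setups described in the thread.
    elif [ $((md_mode & 04000)) -ne 0 ]; then
        echo "setuid-nonroot"
    # e.g. mode 555 called by an unprivileged MTA: cannot change to the virtual user.
    else
        echo "no-uid-switch"
    fi
}

# audit_maildrop [PATH]: classify a real binary for the current user.
# Assumes GNU coreutils stat; call as: audit_maildrop /usr/bin/maildrop
audit_maildrop() {
    md_path=${1:-/usr/bin/maildrop}
    md_info=$(stat -c '%a %u' "$md_path") || return 1
    set -- $md_info
    maildrop_uid_verdict "$1" "$2" "$(id -u)"
}

# Constructed samples: rpm default, suid root, root invocation, world-writable suid.
for md_sample in "555 0 89" "4555 0 89" "555 0 0" "4777 0 89"; do
    set -- $md_sample
    printf 'mode=%s owner=%s invoker=%s -> %s\n' \
        "$1" "$2" "$3" "$(maildrop_uid_verdict "$1" "$2" "$3")"
done
```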