What happens when you run:
su -c /var/qmail/bin/qmail-scanner-queue.pl -g qscand
does it error out or actually work?
Hello Ed:
It's strange. When I use the daemontools setuidgid it works, but with su -c
it silently ends, without doing anything:
[EMAIL PROTECTED] qmailscan]# setuidgid
Indeed qscand does NOT have a legitimate shell. The installation
instructions suggest to create the user qscand with /bin/false as the
shell. (BTW qmailq also has a null shell; /bin/true)
That is good ... two fewer potential entry points for the script kiddies ;-)
Anyone on the list know if
-Original Message-
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Thursday, December 18, 2003 3:21 PM
To: Micha Silver
Cc: ([EMAIL PROTECTED])
Subject: Re: Quarantine-attachments revisited
[EMAIL PROTECTED] qmail-scanner-1.20]# ll
Do you mean the whole qmailscan directory? I tried changing the owner of
quarantine-attachments.db to qmailq, but that didn't make any difference.
Yes (and there are most likely others here who know better than I) ... in
all of my installations including 1.15 version, the whole
Thanks for your help Tom, but no joy yet.
A couple of tests:
(quick and dirty):
$ chmod 666 /var/spool/qmailscan/quarantine-attachments.db
Then run and look at the log again.
(more complicated):
around line 998 of q-s.pl add:
my ($idd);
$idd=`id -a`;
debug(ID is: $idd\n);
On Thu, Dec 18, 2003 at 03:59:46PM +, [EMAIL PROTECTED] wrote:
Do you mean the whole qmailscan directory? I tried changing the owner of
quarantine-attachments.db to qmailq, but that didn't make any difference.
Yes (and there are most likely others here who know better than I) ... in
all