On Friday 30 April 2004 03:26 pm, Henry Baragar wrote:
> 2. Is checkvpw suid root? Note that DJB's checkpassword needs to be suid
> root for Binc, which is fine because it takes great care to ensure the
> user has authenticated before executing a command. I haven't looked at
> checkvpw to see what it does to ensure that it can not be used to gain
> arbitrary access to your system.
errr .... why would it need to be setuid root? Normally you run your
pop3/imap servers as root.....
-Jeremy
--
Jeremy Kitchen ++ Systems Administrator ++ Inter7 Internet Technologies, Inc.
[EMAIL PROTECTED] ++ www.inter7.com ++ 866.528.3530 ++ 847.492.0470 int'l
kitchen @ #qmail on EFNET ++ scriptkitchen.com/qmail
