Christophe Greisberger a écrit :
> Well, I checked the log again, and I noticed what I think is the source of
> the problem :
> -----8<-----
> 5287 execve("/usr/sbin/sendmail", ["/usr/sbin/sendmail", "testuser2"],
> ["SHELL=/bin/bash", "TERM=xterm", "USER=info", "MAIL=/var/mail/testuser",
> "PATH=/usr/local/bin:/usr/bin:/bin:/usr/bin/X11:/usr/games",
> "PWD=/home/testuser", "LANG=en_GB", "[EMAIL PROTECTED] ", "SHLVL=1",
> "HOME=/home/testuser", "LOGNAME=testuser", "_=/usr/sbin/sendmail"])= 0
>
> [snip]
>
> 5287 setgid32(1) = -1 EPERM (Operation not permitted)
> 5287 getuid32() = 1017
> 5287 setuid32(1017) = 0
> 5287 rt_sigaction(SIGCHLD, {SIG_DFL}, {SIG_DFL}, 8) = 0
> 5287 rt_sigaction(SIGPIPE, {SIG_IGN}, {SIG_DFL}, 8) = 0
> 5287 brk(0) = 0x8051000
> 5287 brk(0x8072000) = 0x8072000
> 5287 getuid32() = 1017
> -----8<-----
>
> sendmail should have uid 0, not the user one.
> It checked for the Nth time,
> -rwsr-xr-x 1 root daemon 26352 2005-11-15 10:52 /usr/sbin/sendmail
>
> It HAS suid, and it's on the root partition (no nosuid flag).
> I really don't understand why the suid bit on the exe don't work :(
>
>
is the filesystem mounted as nosuid ?
BR.
Jerome Blion.
-------------------------------------------------------------------------
This SF.net email is sponsored by DB2 Express
Download DB2 Express C - the FREE version of DB2 express and take
control of your XML. No limits. Just data. Click to get it now.
http://sourceforge.net/powerbar/db2/
_______________________________________________
courier-users mailing list
[email protected]
Unsubscribe: https://lists.sourceforge.net/lists/listinfo/courier-users
