Hello, I'm wondering why it hasn't this permissions by default: root shadow 02755 /usr/lib/ejabberd/priv/bin/epam
Is there any reason? Thanks On Sun, Oct 19, 2008 at 11:33 PM, Rodolphe Pelloux-Prayer <[email protected]> wrote: > > As describe in the official guide [1], /usr/lib/ejabberd/priv/bin/epam should > be set root on execution. No, I'm not going to make epam suid root. First, in Debian to use /etc/shadow for authentication it's sufficient to be sgid shadow. Second, if you use PAM with (for example) LDAP backend you don't have to make it suid root at all. If you in your environment want to keep epam binary suid root do ti yourself. To make sure its mode will not change on upgrade override it using dpkg-statoverride --add root root 04755 /usr/lib/ejabberd/priv/bin/epam Cheers! -- Sergei Golovan
