>>tcpserver -u0 -g0 0 110 /var/qmail/bin/qmail-popup myhostname (not
>>literally) /bin/checkpassword /var/qmail/bin/qmail-pop3d Maildir&
>
>So -u0 means uid 0.

yea

>>
>>>>If so, any ideas on how to modify a tcp.smtp file after checkpassword
>>>>succeeds? Only way I see to do it is open up permissions on the file, which
>>>>doesn't help when running tcprules (resets them).
>>>>
>>>>my modified checkpassword auths the user then execl()'s a script to add
>>>>$TCPREMOTEIP to the tcp.smtp file if it does not exist.
>>>
>>>Right. At that point the process is running as the user. If you want to
>>>modify the file directly, all those users will need to have write access to
>>>the file directly.
>>
>>but the execl is in the checkpassword program..
>
>Your own checkpassword program? Before or after the setuid() call?

I didn't see setuid() in the original program checkpassword.c (checkpassword
0.81 original) guess I better get greppin'

>>>Another strategy might be to write TCPREMOTEIP to a temp file in a directory
>>>that everyone has write access to, and have a separate cronjob/process scan
>>>the directory adding entries into tcp.smtp.
>>>
>>>The execl() script could be as simple as "touch /var/sometmp/$TCPREMOTEIP".
>>>E&OE.
>>
>>Good idea.../tmp
>>
>>but somewhat defeats the purpose of pop before smtp. A user has to pop then
>>wait for cron before smtp...
>
>True. But having a root program write to a fairly critical file presents
>risks.
>
>
>Regards.
>
>
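
The spool-and-scan approach discussed above, sketched as an added example (not code from the thread or from checkpassword): the privileged scanner treats every name in the world-writable directory as untrusted and emits a rule only for plain files named as a strict IPv4 address. The function names are hypothetical, and the rule line assumes the usual tcprules form for qmail relaying, `IP:allow,RELAYCLIENT=""`.

```shell
#!/bin/sh
# Added example: build tcp.smtp relay rules from marker files created by
# "touch /var/sometmp/$TCPREMOTEIP". Function names are hypothetical.

# valid_ipv4 NAME: succeed only for a dotted quad with octets 0-255.
valid_ipv4() {
    case "$1" in
        ""|*[!0-9.]*|.*|*.|*..*) return 1 ;;   # ':', ',', newline, letters...
    esac
    old_ifs=$IFS; IFS=.
    set -- $1            # safe to split: only digits and dots remain
    IFS=$old_ifs
    [ "$#" -eq 4 ] || return 1
    for octet in "$@"; do
        case "$octet" in 0?*) return 1 ;; esac   # no leading zeros
        [ "${#octet}" -le 3 ] || return 1
        [ "$octet" -le 255 ] || return 1
    done
    return 0
}

# collect_rules SPOOLDIR: print one allow rule per acceptable marker file.
collect_rules() {
    for marker in "$1"/*; do
        name=${marker##*/}
        # Only plain files count: skip symlinks, directories, FIFOs.
        [ -f "$marker" ] && [ ! -L "$marker" ] || continue
        # A name such as "10.0.0.1:deny" or ":allow" must never reach the
        # rules file, so anything that is not a bare address is dropped.
        valid_ipv4 "$name" || continue
        printf '%s:allow,RELAYCLIENT=""\n' "$name"
    done
}

# Usage from the root cron job (file locations below are assumptions):
#   { cat /etc/tcp.smtp.static; collect_rules /var/sometmp | sort -u; } |
#       tcprules /etc/tcp.smtp.cdb /etc/tcp.smtp.tmp
# tcprules writes the temp file and renames it over the cdb, so tcpserver
# never reads a half-written rule set.
if [ "$#" -ge 1 ]; then collect_rules "$1"; fi
```

Expiry of old marker files is left out; the scanner only decides which names are safe to turn into rules.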
