On Fri, Mar 09, 2001 at 03:06:08PM -0800, Todd A. Jacobs wrote:
> When running pop3d, I get an error saying "no $HOME/Maildir" which may be
> caused by the directory permissions of 0700 on both the home directory and
> Maildir.
> 
> On Red Hat, procmail is the MDA, and is SUID/SGID root. Other than making
> pop3d run as root, what are my options? If I chmod the directories, what's
> the least privilege that will allow pop3d to run, without allowing users
> to clobber or access each other's Maildir files?

qmail-pop3d doesn't need to run SUID anything, but qmail-popup and
checkpassword run as root and then checkpassword execs qmail-pop3d as the user
once the user is known.

checkpassword has to run as root, so that it can check passwords and also so
that it can exec qmail-pop3d as a different user. When qmail-pop3d is run by
checkpassword, it runs as the user who owns the Maildir, so the 0700
permissions aren't a problem for it.

Chris
