On Tue, Apr 10, 2001 at 02:40:24PM -0700, Sean Chittenden wrote:
> Anyone know of any reasion why I shouldn't set the qmail-qread
> and qmail-qstat as setuid root? I've looked through the source, but
> am looking for a last confirmation or "don't do that." -sc
# envuidgid qmails tcpserver -U localhost 82 /var/qmail/bin/qmail-qread &
$ nc localhost 82
10 Apr 2001 23:16:15 GMT #246039 212 <[EMAIL PROTECTED]>
remote [EMAIL PROTECTED]
bash$ tcpclient localhost 82 cat /dev/fd/6
10 Apr 2001 23:16:15 GMT #246039 212 <[EMAIL PROTECTED]>
remote [EMAIL PROTECTED]
etcetera. Completely secure (in as much that it allows user to see
info they couldn't see before, unless when gleaming from logfiles or
checking process listings regularly etcetera).
Greetz, Peter.
