Barry Dwyer wrote:
>
> >> It should be in /home/vpopmail/domains/domain.com/.qmail-help. Is it
> there?
>
> Yes, .qmail-help is there
>
> >> If so, what are the permissions and ownership
>
> -rw------- 1 root root 49 Aug 11 01:14 .qmail-help
>
> No wonder qmail can't get to it!
>
> The $64K question then is Why is qmailadmin creating this file with root
> permissions? (I'm using qmailadmin across the 'net on this box).
My $0.02 is that qmailadmin is suid root:root, and not suid
vpopmail:vchkpw.
Ken.. As qmailAdmin is not ment to run as root in the first place -
shouldn't it be in place to drop the access rights if it is? Ie: if the
program is suid root:root, it becomes suid vpopmail:vchkpw - and if it's
already suid vpopmail it doesn't do anything about it.. And if it
doesn't have the suid flag at all it prints out something in syslog() or
simmular?
Best regards
Michael Boman
S/MIME Cryptographic Signature
