Sagara Wijetunga writes:
1. chown the authdaemond socket to that user
Brian said it was necessary. I've checked a couple of our standard installs (which don't mess with the socket) and it's owned by root:root with rwx access for ugo.
IIRC: In classic Unix the mode of the socket doesn't matter. You have to control the access to the directory where the socket is. Linux obeys the mode of the socket itself. So it depends on what you are running.
You better check it afterwards. Try to open that socket as an ordinary user (other than vmail). If you can, then you have a huge security hole. That socket is privileged and you should take care who has access to it.
--
Cheers,
Petri
Metis / Petri Riihikallio GSM: +358 400 505 939
