On Tue, Oct 07, 2003 at 10:43:37PM +0300, Petri Riihikallio wrote: > I do have some wishes, though. I haven't found a decent archive for > this list, so excuse me if these have been beaten to death before.
http://www.mail-archive.com/sqwebmail%40inter7.com/ http://marc.theaimsgroup.com/?l=sqwebmail&r=1&w=2 > If only configure could: > - specify the 'authdaemonvar' > (I am already running the Courier-IMAP authdaemond. It took me a while to > figure out how to connect sqwebmail to that) Your life will be simpler if you just run two sets of authdaemonds, one for courier-imap and one for sqwebmail. It works fine, and there is no efficiency issue (6 extra slots in the process table don't cost anything). I suppose you'll have 5 extra connections to your back-end database, but that is unlikely to cost much either. > - throw a switch to comment out all the code in authlib/changeuidgid.c If you want it to run as the same non-root user all the time, then for courier-imap just add " -user=<username>" to TCPDOPTS. For sqwebmail you make the binary setuid <username> instead of setuid root. I see the note in 'authlib/SECURITY' that says it may not work on some platforms without zapping the contents of numlib/changeuidgid.c - strange. Can you describe what happened if you just made sqwebmail setuid to your particular user? Also, what platform are you running on? There was a change to this a little while ago: in sqwebmail/sqwebmail.c the following two lines were added int main() ... /* If we are running setuid non-root, change our real gid/uid too */ if (getegid()) setgid(getegid()); if (geteuid()) setuid(geteuid()); This should mean that the CGI when run setuid some other user works correctly. It certainly works for me anyway, under FreeBSD. Regards, Brian.
