On Apr 12, 2005 6:42 AM, Tom Collins <[EMAIL PROTECTED]> wrote:
> On Apr 12, 2005, at 12:34 AM, Finn Smith wrote:
> >  I am currently using a .qmail-<user> file in a domain directory to
> > pipe the contents of a message into a script on my server for local
> > processing. Is there any way to control under which uid/gid this
> > script executes? The reason being that it needs write access to a
> > protected file on the system which is not accessible to my vpopmail
> > user.
> Not really.  The programs in a .qmail file are executed with the same
> ownership as the emailbox.
> You could set the suid-bit on the program called in the .qmail-user
> file so that the program (or script) runs as the user you want, but
> you'll also want to make sure that the program/script can only be
> executed by the vpopmail user (more likely, the vchkpw group) and
> doesn't open up any security problems.

Thanks, Tom. This is more or less the answer I expected to get. I will
just have to write a little suid wrapper script to handle this.


Reply via email to