Re: ifmail wont export


Fri, 22 Aug 1997 21:43:03 +0200

On Aug 22, Victor Sudakov <vas@vas.tomsk.su> wrote:

>Why are the following binaries suid by default then?
You should ask Eugene about that. Nearly every italian point (= people who
followed my HOWTO) only has ifmail suid.

>-rws--s--x 1 ifmail dialer 204730 Jul 24 16:31 ifcico
It is only run from the crontab or with a script that runs as ID=ifmail
(the script also reads the log and runs ifpack and ifunpack), then no suid.
You can make it sgid dialer or you can add the user ifmail in /etc/groups.
>-rws--x--x 1 ifmail dialer 36939 Jul 24 16:31 nlpatch
>-rws--x--x 1 ifmail dialer 51271 Jul 24 16:31 ifindex
Why a normal user should be able to compile the nodelist? I can't see any
need for the suid bit.
>-rws--x--x 2 ifmail dialer 101495 Jul 24 16:31 ifmail
>-rws--x--x 2 ifmail dialer 101495 Jul 24 16:31 ifnews
The suid bit is needed, but only by news.
>-rws--x--x 1 ifmail dialer 51226 Jul 24 16:31 ifroute
Ifroute is not useful, I never install it.
>-rws--x--x 1 ifmail dialer 41553 Jul 24 16:31 ifstat
I don't want users to be able to know what there is in the spool, but if you
do you can leave the suid bit.

There is also no reason to make the binaries unreadable.

-- 
ciao,
Marco