On Thu, Dec 28, 2000 at 10:13:56AM +0800, Rick Lu wrote:
> as we all know, there are two super-user functions in checkpassword package: setuid
>&
> setgid.
>
> because qmaild is only a normal user in nofiles group, so he has no privilege to
>call
> these codes. it will show "-ERR authorization failed".
Typically qmail-pop3d is started from tcpserver like:
/usr/local/bin/tcpserver -R -v -c 150 0 pop3 \
/var/qmail/bin/qmail-popup <host.domain> \
/var/qmail/bin/checkpassword \
/var/qmail/bin/qmail-pop3d Maildir 2>&1 \
| /var/qmail/bin/splogger qmail-pop3d 17 &
That is qmail-popup (and checkpassword) is started as root and not as user
qmaild and so everything will just work fine and checkpassword is able
to use the setuid/setgid calls to set the user to the authenticated one.
\Maex
--
SpaceNet AG | http://www.Space.Net/ | Stress is when you wake
Research & Development | mailto:[EMAIL PROTECTED] | up screaming and you
Joseph-Dollinger-Bogen 14 | Tel: +49 (89) 32356-0 | realize you haven't
D-80807 Muenchen | Fax: +49 (89) 32356-299 | fallen asleep yet.
