[vchkpw] OFFTOPIC! how come ppl don't start new threads when creating mails??
how come ppl don't start new threads when creating mails?? or is my mail client broken? /Raboo
Re: [vchkpw] OFFTOPIC! how come ppl don't start new threads when creating mails??
Raboo Treed wrote: how come ppl don't start new threads when creating mails?? or is my mail client broken? /Raboo Looks like you as well need to not start threads in the middle of an old one. As you just did what you said you didnt like. X-Istence
[vchkpw] Vpopmail 5.4.2 released
http://vpopmail.sf.net/ 5.4.2 - released 22-Feb-04 This is an interim release to correct various minor problems before we begin significant security fixes (escaping fields) to the mysql and pgsql backends. We should be ready to start the 5.5 development series after the SQL fixes are in place. ChangeLog: Tom Collins - Remove attempts to free() static buffers in vpgsql.c. [88] - Fix problems with creating valias table in vpgsql.c. [892595] - Remove unnecessary check for C++ from configure[.in]. - Don't include DESTDIR when building inc_deps and lib_deps. [886988] - Properly parse Maildir and mbox delivery lines in .qmail files in vdelivermail (and exit(111) for mbox lines). [889756] - Temporarily disable -s option to vadduser (since it's broken). [895375] Anders Brander - Add contrib/checkpassword_debug.[README,c] for testing and debugging problems with vchkpw. [862608] -- Tom Collins - [EMAIL PROTECTED] QmailAdmin: http://qmailadmin.sf.net/ Vpopmail: http://vpopmail.sf.net/ Info on the Sniffter handheld Network Tester: http://sniffter.com/
Re: [vchkpw] OFFTOPIC! how come ppl don't start new threads when creating mails??
Looks like you as well need to not start threads in the middle of an old one. It proves my point better. even this mailinglist a martyr.
Re: [vchkpw] PHP extension for vpopmail
Rick Widmer wrote: There are two ways to run the extension that I know of. o Start a separate instance of Apache on its own port or IP address, running as the mail user. This instance should only serve mail related pages. This is very easy to do. o Don't allow any web sites on the mail server. Only run QmailAdmin and sqWebmail on the mail server, and don't allow anyone but mail system administrators to login on the machine. (This is the one I use.) Didn't you ever heard about "sudo"? Using sudo you may allow the apache's user to run commands (that you specify) as the vpopmail's user. I did it once, it isn't hard. I also believe that's more secure, since the vpopmail's user will be used only weh necessary (to run some commands) and not all the time (to run apache). Regards, Eduardo M. Bragatto.
Re: [vchkpw] PHP extension for vpopmail
> > o Start a separate instance of Apache on its own port or IP address, > > running as the mail user. This instance should only serve mail related > > pages. This is very easy to do. > > > > o Don't allow any web sites on the mail server. Only run QmailAdmin and > > sqWebmail on the mail server, and don't allow anyone but mail system > > administrators to login on the machine. (This is the one I use.) > > Didn't you ever heard about "sudo"? > Using sudo you may allow the apache's user to run commands (that you > specify) as the vpopmail's user. I did it once, it isn't hard. I also > believe that's more secure, since the vpopmail's user will be used only > weh necessary (to run some commands) and not all the time (to run apache). sudo with PHP extension? When PHP is a module? How? Solt
Re: [vchkpw] PHP extension for vpopmail
On 22-Feb-04, at 7:29 PM, Marcin Soltysiak wrote: o Start a separate instance of Apache on its own port or IP address, running as the mail user. This instance should only serve mail related pages. This is very easy to do. o Don't allow any web sites on the mail server. Only run QmailAdmin and sqWebmail on the mail server, and don't allow anyone but mail system administrators to login on the machine. (This is the one I use.) Didn't you ever heard about "sudo"? Using sudo you may allow the apache's user to run commands (that you specify) as the vpopmail's user. I did it once, it isn't hard. I also believe that's more secure, since the vpopmail's user will be used only weh necessary (to run some commands) and not all the time (to run apache). sudo with PHP extension? When PHP is a module? How? Solt Via PHP's CGI module. Thomas
Re: [vchkpw] PHP extension for vpopmail
Eduardo M. Bragatto wrote: Rick Widmer wrote: There are two ways to run the extension that I know of. o Start a separate instance of Apache on its own port or IP address, running as the mail user. This instance should only serve mail related pages. This is very easy to do. o Don't allow any web sites on the mail server. Only run QmailAdmin and sqWebmail on the mail server, and don't allow anyone but mail system administrators to login on the machine. (This is the one I use.) Didn't you ever heard about "sudo"? Using sudo you may allow the apache's user to run commands (that you specify) as the vpopmail's user. I did it once, it isn't hard. I also believe that's more secure, since the vpopmail's user will be used only weh necessary (to run some commands) and not all the time (to run apache). I think you are missing something here. Extensions give PHP _direct_ access to functions provided by a c or c++ library. They are executed _within_ the Apache child process that handles a page request. They don't spawn a new process, so there is no place to use sudo. If you are going to use sudo then you may as well skip extensions and use exec/system/passthru or the streams facility directly from a PHP library. Another problem, if you allow the www user access to the vpopmail programs - how do you keep every web site on the server from having full access to mail system? The vpopmail library functions don't provide authentication. (They do provide functions for doing authentication, but the calling program has to manage it.) Rick
Re: [vchkpw] PHP extension for vpopmail
Thomas Madej wrote: On 22-Feb-04, at 7:29 PM, Marcin Soltysiak wrote: sudo with PHP extension? When PHP is a module? How? Solt Via PHP's CGI module. Please try it and let me know how it works! Personally, I am quite happy keeping general web sites off the mail server, and running PHP as an Apache module. I _think_ it should work under CGI, but I don't use PHP as CGI, and don't even know where to start to configure it in. If no one else doe it, I will eventually get to trying this with CGI, but don't hold your breath. QmailAdmin 1.3 will be released before I spend any time on it. If you do try it and have problems I will help you, but unless someone else is actively involved it will remain a very low on my priority list. What about SUID on the script file? That might work too. Rick
Re: [vchkpw] PHP extension for vpopmail
On 22-Feb-04, at 8:04 PM, Rick Widmer wrote: Thomas Madej wrote: On 22-Feb-04, at 7:29 PM, Marcin Soltysiak wrote: sudo with PHP extension? When PHP is a module? How? Solt Via PHP's CGI module. Please try it and let me know how it works! Personally, I am quite happy keeping general web sites off the mail server, and running PHP as an Apache module. I _think_ it should work under CGI, but I don't use PHP as CGI, and don't even know where to start to configure it in. If no one else doe it, I will eventually get to trying this with CGI, but don't hold your breath. QmailAdmin 1.3 will be released before I spend any time on it. If you do try it and have problems I will help you, but unless someone else is actively involved it will remain a very low on my priority list. What about SUID on the script file? That might work too. Rick You just need the proper script header and the proper entries in /etc/sudoers. I think the following header would work: #!/usr/bin/sudo -u vpopmailuser /usr/bin/php but then again, running another server is probably more secure than this method. Thomas Madej Furi Enterprises http://furi.ca/
