Hi, I am planning to move my production mailserver from sendmail to
qmail+vchkpw, and thus installed sqwebmail today.
However, I was thrilled to see the suid-root sqwebmail binary in my
cgi-bin.
Is this the default installation, or did I do smth wrong?
- or -
is there any incidences of break-in to a mailserver with the help
of this-suid-root binary.
I wanted to know your opinions about this issue,
Thanx...
[root@mailhub templates]# ls -l /usr/local/apache/cgi-bin/
total 608
-rwsr-xr-x 1 root root 299912 Jan 8 15:35 sqwebmail
[root@mailhub templates]#
-- Murat Balaban
