On Wed, 2001-08-29 at 12:03, Tren Blackburn wrote:
> Hi List;
>
> This seems to be a problem related to the security enhancement that was
> implemented by Ken on the ~vpopmail/lib directory. It's now set to 700
> owned by root. The problem with this in the case of courier imap is that
> it requires the build of the software to be done as non-root user. So to
> compile in authvchkpw support, it needs access to libvpopmail.a in
> ~vpopmail/lib. I fixed this by temporarily changing this directory to 755
> and the libvpopmail.a to 644 until after I finished my install of both
> courier imap and sqwebmail 3.0.0.
>
> Is this the proper procedure for doing this or should the changing of
> permissions on the ~vpopmail/lib be rethought?
I would do what you did.
Sounds more like the courier-imap build should be re-thought.
Keeping ~vpopmail/lib and ~vpopmail/lib/libvpopmail.a restricted
to root is the only available method to secure the database
authentication information that is compiled into the library.
I'm open to any other ideas that work.
Ken Jones
