On 2009-04-02, at 1036, Manvendra Bhangui wrote:
> 2009/4/2 John Simpson <j...@jms1.net>
>
>> you DO NOT want these to be setuid root. in fact, you don't want ANY of the binaries to be setuid root, except possibly for vpopmaild, and that only if you want to allow it to create and remove domains- otherwise it can run as the vpopmail user with no ill effects.
>
> I have not explored that. Example could be making qmail-newu to be setuid root and making the assign file writeable by vpopmail.

it's not just those files... vpopmail also modifies the rcpthosts, morercpthosts, virtualdomains, and users/assign files whenever it adds or deletes domains, and it also needs to be able to run qmail-newmrh if the morercpthosts file was changed.

and if users have the ability to create their own custom .qmail files, or to specify lines which end up in those files, you DO NOT want the vpopmail user to have write access to any of qmail's control files.

a better idea would be to run vpopmaild as root (if you want to allow it to create or delete domains at all) and use it to process any such requests. i know a few people on this list have mentioned web front-ends which duplicate most or all of qmailadmin's functionality, but do all of their work by sending commands to vpopmaild.


> But getting the root password or doing ssh root is out of the question in my production environment.

good idea... i take it one step further: the list of people who have root access (i.e. "myself only") is exactly the same as the list of people who are allowed to add or delete domains (also "myself only".) which means even vpopmaild doesn't NEED root access, since everything else it does can be done by the vpopmail user.

as for compiling in extra password checks and so forth... have you read the documentation for "sudo"? you can allow certain users to execute certain commands with root permissions, but not give them unfettered root access. the syntax is a bit non-intuitive, but once you understand it, it can be quite powerful. it seems to me this would be a better solution than having to manually add in your own custom patches every time a new version of vpopmail is released.


----------------------------------------------------------------
| John M. Simpson    ---   KG4ZOW   ---    Programmer At Large |
| http://www.jms1.net/                         <j...@jms1.net> |
----------------------------------------------------------------
| http://video.google.com/videoplay?docid=-1656880303867390173 |
----------------------------------------------------------------
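
The sudo approach suggested in the message above, sketched as a sudoers fragment. This is an added example, not part of the original message or of vpopmail; the operator account `mailadmin` is hypothetical and the `/home/vpopmail/bin` install path is an assumption.

```sudoers
# Added example, not from the original message.
# Assumptions: a hypothetical operator account "mailadmin", and vpopmail's
# command-line tools installed under /home/vpopmail/bin.

# The domain-management commands are the ones that need root, because they
# update qmail's rcpthosts, morercpthosts, virtualdomains and users/assign.
Cmnd_Alias VPOP_DOMAINS = /home/vpopmail/bin/vadddomain, \
                          /home/vpopmail/bin/vdeldomain

# mailadmin may run only these two commands as root. There is no NOPASSWD
# tag, so sudo asks for mailadmin's own password; the root password is
# never shared and no root ssh login is needed.
mailadmin ALL = (root) VPOP_DOMAINS

# No argument list follows the paths above, so sudo accepts any arguments
# to these two commands.
#
# The listed binaries, and every directory leading to them, must be
# writable only by root. If the vpopmail user can replace a binary named
# in this rule, the rule hands that user root.
```

Check the fragment with `visudo -c -f` on the file before installing it, so a syntax error cannot lock sudo out.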
