On Wed, 11 Aug 1999, Rachel Warren wrote:
> > Have you remembered to make Exim setuid root?
>
> I believe so:
>
> bash-2.03$ pwd
> /usr/exim/bin
> bash-2.03$ ls -l exim
> -rwxr-xr-x 1 root wheel 525811 Aug 6 13:29 exim
No, you haven't. You need that to be -rwsr-xr-x to get the setuid. You
have just made it owned by root.
> I didn't define them becuase the makefile says," If EXIM_UID is not defined,
> the default in the code is to run as root unless specified otherwise at
> run time. Specifying 0 at run time has the effect of unsetting the
> values build into the binary.." Should I define them, and what should
> I define them as?
The security is much better if you give exim its own uid and gid to run
under. However, that isn't the current problem.
--
Philip Hazel University of Cambridge Computing Service,
ph10@??? Cambridge, England. Phone: +44 1223 334714.
