RE: [Exim] Solaris 2.6, Perl 5.6.1, exim 3.22 - Can't open p…

Páxina inicial
Borrar esta mensaxe
Responder a esta mensaxe
Autor: Tamas TEVESZ
Data:  
Para: Gustav H Meyer
CC: exim-users
Asunto: RE: [Exim] Solaris 2.6, Perl 5.6.1, exim 3.22 - Can't open pipe
On Thu, 28 Jun 2001, Gustav H Meyer wrote:

> Ok guys, thanks for all the help you guys are great. To make a
> long story short. I recompiled exim with EXIM_UID=0 and EXIM_GID=1
> and now all is working. I guess that is what you mean by "Make exim
> setuid root"?


actually, no. he meant chmod +s /path/to/exim/binary/exim

> Only one question left. Is it a good idea to run as root? I see some
> references in the postings where guys have a separate user 'mail' for
> running exim. I don't completely understand the write-up in the EDITME.


exim starts as root (so it can bind itself to the interfaces n stuff),
then drops privileges and truns as EXIM_UID. whenever it needs to be
root again (eg for doing a local delivery) it reexecs itself so it
turns root again (thats because of the setuid bit). so what you
actually (likely) to need is the exim binary be setuid root (and owned
by root:root !), and EXIM_(U|G)ID be 'mail' or whatever.

yes, it has the security hazards. what doesn't ?

--
[-]
"`rendes' `thread library' `unix' - ezeknek nincs kozos gyokuk" -- redax