> -----Original Message-----
> From: mb@??? [mailto:mb@dcs.qmul.ac.uk]
> Sent: Friday, June 21, 2002 3:51 AM
> To: Cory Daehn
> Subject: Re: [Exim] Still having problems with incoming mail being
frozen....
>
> Are you running a Linux distribution but with your own
> hand-built exim?
> Some distributions helpfully remove suid bits from files that aren't
> "registered", eg with Debian I think it's "suidregister", as
> part of a cron job.
Actually, it's a compiled srpm (Mandrake was originally a clone of
Redhat 5 but they've removed more & more of it as time has gone by)
I discovered the problem about 2 hours after I fired off that message.
(a 'grep "/usr/sbin/exim" *' in "/var/log" works wonders.) Mandrake
(8.0 and higher) comes with a nasty little script as part of it's
security protocols called msec ... msec by default runs EVERY HOUR (of
all the stupid things) and notices that /usr/sbin/exim has SUID & SGID
bits set from the last time and promplty gelds it.
I've removed the msec package... it's more of an annoyance than a
helpful program after it's been run the first time. especially on a
system that doesn't have casual users other than mail users, and they're
only allowed to check their mail.
It also comes with another annoying program as part of its security
package called Bastille (go figure, french folk calling their security
package Bastille) It's actually half intelligent... recommended the
same stuff I would (turning off telnet in favor of ssh same for ftp in
favor of scp) and completely disabling Apache (a bad thing on my system
since we have a web mail program.)
Just thought I'd send an update.
