Maybe I'm a retard, but I fail to see what benefits setuid has over setgid
in this case. If a user is able to exploit either of these conditions, then
he can read or delete mail from the queue. So why would it make sense to
use setuid instead of setgid in this particular scenario? (besides the fact
that that's the way djb programmed it)
--Adam
-----Original Message-----
From: Janos Farkas
<Janos.Farkas-nouce/priv-#[EMAIL PROTECTED]>
To: [EMAIL PROTECTED] <[EMAIL PROTECTED]>
Date: Monday, January 04, 1999 3:31 PM
Subject: Re: Anonymous Qmail Denial of Service
:On 1999-01-04 at 12:12:27, Mate Wierdl wrote:
:> That would require qmail-inject and qmail-smtpd, among others, to be
suid
:> or sgid to some uid/gid that will allow them to execute qmail-queue.
:> That would be Wrong(tm).
:>
:> So what could happen if qmail-inject is sgid qmail?
:...
:> but at least invoking uid identification is possible.
:
:[A long boring thread, but..]
:
:And of course then quota on /var can be used to limit the damage a user
:can do to mail submission down to what is negligible. Something still
:tells me it's not really a lot less quirky, but sgid actually has the
:above two advantages (identification/quota). That is, if I did not lose
:any braincells during the holidays which related to this knowledge :)
:
:--
:Janos - Don't worry, my address is real. I'm just bored of spam.
:
