- "Adam D. McKenna" <[EMAIL PROTECTED]>:
| Maybe I'm a retard, but I fail to see what benefits setuid has over
| setgid in this case. If a user is able to exploit either of these
| conditions, then he can read or delete mail from the queue. So why
| would it make sense to use setuid instead of setgid in this
| particular scenario? (besides the fact that that's the way djb
| programmed it)
Well, if you study the permissions in the queue directory carefully,
you will see that he was quite selective about which program has
access to what directory: Basically, each program in the qmail suite
has just the access it needs to do its job. At the very least, making
qmail-queue setgid rather than setuid would require reworking all
those permissions. (I am too tired and stressed out right now to
check if it is even possible.)
- Harald
