> > | 4) Could setuid(geteuid()) but that doesn't buy very much. > > > > That should stop the user from killing qmail-queue, methinks. > > It doesn't buy much because there is still a time when uid != euid, > and the signal can arrive then. But the temporary file does not exist yet. > I thought more about my original suggestion. It's bunk because it > still allows the leaving behind of a junk mess file. Not if you know what you're doing. Reset the userid and the session id, then create your temporary file.
- Re: Fw: Anonymous Qmail Denial of Service Mark Delany
- Re: Fw: Anonymous Qmail Denial of Service johnjohn
- Re: Fw: Anonymous Qmail Denial of Servic... Peter van Dijk
- Re: Anonymous Qmail Denial of Service Fred Lindberg
- Re: Anonymous Qmail Denial of Service Adam D. McKenna
- Re: Anonymous Qmail Denial of Service Harald Hanche-Olsen
- Re: Anonymous Qmail Denial of Service Janos Farkas
- Re: Anonymous Qmail Denial of Service Andrzej Kukula
- Re: Anonymous Qmail Denial of Service Sam
- Re: Anonymous Qmail Denial of Service Adam D. McKenna
- Re: Anonymous Qmail Denial of Service Russ Allbery