Wouldn't the most simple solution be to just chmod 4550 qmail-queue and force
(untrusted) users to use qmail-inject?
--Adam
---
bash: syntax error near unexpected token `:)'
Adam D. McKenna
[EMAIL PROTECTED]
----- Original Message -----
From: Sam <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, January 04, 1999 11:33 PM
Subject: Re: Anonymous Qmail Denial of Service
:> > | 4) Could setuid(geteuid()) but that doesn't buy very much.
:> >
:> > That should stop the user from killing qmail-queue, methinks.
:>
:> It doesn't buy much because there is still a time when uid != euid,
:> and the signal can arrive then.
:
:But the temporary file does not exist yet.
:
:> I thought more about my original suggestion. It's bunk because it
:> still allows the leaving behind of a junk mess file.
:
:Not if you know what you're doing. Reset the userid and the session id,
:then create your temporary file.
:
