On Thu, Feb 22, 2001 at 02:16:50PM -0000, John P wrote:
> I'm hopeful I did the right thing, but I chmod'ed both /usr/bin/suidperl and
> qmail-scanner-queue.pl to 4755, and made them both owned by root. That fixed
> the problem.
Arrrrgh! Absolutely not!!!
Do NOT run qmail-scanner-queue.pl as setuid root!! BAD BAD BAD
No known security holes that I know of - but there is ABSOLUTELY NOT REASON
to run is setuid root. It's supposed to be setuid qmailq - make it so and
I'll sleep better at night ;-)
Also, this is all off-topic. You should all be subscribed to the
Qmail-Scanner mailing-list and be having this discussion there :-)
http://lists.sourceforge.net/mailman/listinfo/qmail-scanner-general
--
Cheers
Jason Haar
Unix/Special Projects, Trimble NZ
Phone: +64 3 9635 377 Fax: +64 3 9635 417
