skyper <[EMAIL PROTECTED]> wrote:
>
> > Leave the ownership of the trigger alone, and change the permissions to
> > rw--w--w- .
>
> hu ? You mean allowing any local user to cat /dev/zero >trigger
> is the better idea ? Giving non-trusted processes write access
> to a pipe of a daemon (running with root-privilieges) is never
> a good idea tought.
That's the way it's designed. The author put a lot of thought into this,
and there has never been a security hole in qmail. Look at the code
yourself; it's safe.
> It works fine here with qmailq.qmail/640...(or at least qmail seems to
> work as expected :>)
Except that you might see 25-minute delays on processing mail.
Charles
--
-----------------------------------------------------------------------
Charles Cazabon <[EMAIL PROTECTED]>
GPL'ed software available at: http://www.qcc.sk.ca/~charlesc/software/
Any opinions expressed are just that -- my opinions.
-----------------------------------------------------------------------
