Hi, On Fri, 2003-09-12 at 01:17, Paul L. Allen wrote: > > This is an interesting point and I'd love to find a clean solution to > > this issue. > I don't think you'll find a clean solution which doesn't involve set-id. > All the others are messy to administer, like a MySQL username per system > user or adding a special group to every user (do all *nixes handle that > well these days?)
If you add a special group to every user you are back where you started. I can't see what's wrong with a mysql user per system user. That would be really clean and effective. If the admistrative tools is integrated into vpopmail, i fail to see any troble ahead (user/admin-vice). It would completely remove any use for any setuid/setgid-hacks. It will also remove the possibility of users injecting sql into any data not belonging to them. One problem would be the table-layout, the vpopmail-table would be useless for example. > How about this: > > 1) An additional user and group, vpsql, used for absolutely no other > purpose (except perhaps as owner of vpopmail database). > > 2) MySQL username and password in a file readable only by vpsql user > and group, and writeable only by vpsql user (if that - most people > will probably edit it as root). > > 3) A very small utility that is setgid vpsql. It does the following > when passed a username and password to verify. You will also need small tools to do all other sorts of operations, quota, valias and so on. > a) Reads the information in the password file. > > b) Drops setgid so it can do nothing further with the password file. > > c) Connects to MySQL. - and forgets username and password. > e) Verifies mail username and password against database. > > f) Returns go or no-go. It's not as simple as that, think about APOP authentication... [snip]