search for: multipleuids

Displaying 6 results from an estimated 6 matches for "multipleuids".

2009 Oct 27
1
SetUID check problem
...s I don't run deliver SetUID root. But for whatever reason, when deliver is called by something that IS SetUID root I get the following error: /usr/local/libexec/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids Deliver's permissions look like this: -r-xr-xr-x While the program calling deliver has permissions like this: -r-s--x--- If it isn't possible for deliver to differentiate between being called by setuid root programs and being setuid root itself I don't think it should be doing...
2009 Dec 29
1
Deliver EX_TEMPFAIL's without giving any information
.... Once I've made a simple shell wrapper script for the deliver executable which saves deliver's stdout+stderr, I've found the reason: /usr/local/libexec/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids Did a 'chmod o-x deliver' and fixed groups/owners and now everything works as it should. I think this error message should go to log files, not just to stdout/stderr. And it's worth to describe this behaviour in the Wiki. Cheers, Denis
2011 Nov 09
1
default Dovecot-LDA CHGRP/CHMOD
I am familiar with this article http://wiki.dovecot.org/LDA#multipleuids I want to disable setuid-root, but I don't know the default group and permissions. sudo chgrp root /usr/libexec/dovecot/dovecot-lda sudo chmod 00750 /usr/libexec/dovecot/dovecot-lda but my delivery is still failing Nov 9 18:22:39 vl42 postfix/pipe[23039]: DEC54700B1: to=<user at domain....
2009 Feb 24
7
Securing mailboxes and passwords
Hi list I am just experimenting with seting up my own email server. I want some tips and hints on how to secure my setup to prevent unauthorised assess to my email. I have read through the wiki and have not found many tips. I hope to improve the wiki with tips gathered from the emailing list. :-) A basic measurement I could take right now would be to set more secure file premissions on my
2009 Apr 12
4
auth-master: Permission denied [sigh]
I've been messing with this for too long, now, and I'm blind to whatever's wrong. Or I'm simply being dense. Either way, I need help with a common issue. I'm trying to get Postfix+Spamassassin+Dovecot going on Fedora 10. (I'll get back to the global Sieve thingy soon, but I need to get this going, first.) When using the simple: mailbox_command =
2016 Apr 03
3
1 last error
Hey Everyone, I?m down to 1 last error that I know I created on my own but I can?t figure out how to fix it? Here is the error that I?m getting: Apr 3 04:29:37 ip-172-31-24-2 postfix/qmgr[20458]: EFE01423E2: from=<me at spike.net>, size=359, nrcpt=1 (queue active) Apr 3 04:29:37 ip-172-31-24-2 dovecot: lda(beth at primelashdiva.info): Fatal: setresgid(89(postfix),89(postfix),97(dovecot))