similar to: SetUID check problem

Hi all. I've had a hard time trying to find out why deliver isn't working after I've updated dovecot from v1.11 to v1.2.8. It just gave me EX_TEMPFAIL without any info in the logs. My deliver was setuid-root. Once I've made a simple shell wrapper script for the deliver executable which saves deliver's stdout+stderr, I've found the reason:

I am familiar with this article http://wiki.dovecot.org/LDA#multipleuids I want to disable setuid-root, but I don't know the default group and permissions. sudo chgrp root /usr/libexec/dovecot/dovecot-lda sudo chmod 00750 /usr/libexec/dovecot/dovecot-lda but my delivery is still failing Nov 9 18:22:39 vl42 postfix/pipe[23039]: DEC54700B1: to=<user at domain.com>, orig_to=<user at

Dear Dovecot list, I maintain a few small sendmail/dovecot/procmail based mail servers with system users only (no virtual domains or virtual users) on OpenBSD. I have been able to get a vacation system working with both with the native vacation program from OpenBSD and with procmail. I've been looking into dovecot sieve, but it doesn't appear to solve the bigger user complaint which is,

Hi list I am just experimenting with seting up my own email server. I want some tips and hints on how to secure my setup to prevent unauthorised assess to my email. I have read through the wiki and have not found many tips. I hope to improve the wiki with tips gathered from the emailing list. :-) A basic measurement I could take right now would be to set more secure file premissions on my

I'm getting tired of Thunderbird telling me I have unread messages in folders that haven't gotten new messages for months so I'm looking for a new mail client. I know the problem lies with Thunderbird because everything is fine via RoundCube and if it tell Thunderbird to rebuild it's index it shows the folder correctly again. Except of course for a subset of the messages in

I've been messing with this for too long, now, and I'm blind to whatever's wrong. Or I'm simply being dense. Either way, I need help with a common issue. I'm trying to get Postfix+Spamassassin+Dovecot going on Fedora 10. (I'll get back to the global Sieve thingy soon, but I need to get this going, first.) When using the simple: mailbox_command =

Hey Everyone, I?m down to 1 last error that I know I created on my own but I can?t figure out how to fix it? Here is the error that I?m getting: Apr 3 04:29:37 ip-172-31-24-2 postfix/qmgr[20458]: EFE01423E2: from=<me at spike.net>, size=359, nrcpt=1 (queue active) Apr 3 04:29:37 ip-172-31-24-2 dovecot: lda(beth at primelashdiva.info): Fatal: setresgid(89(postfix),89(postfix),97(dovecot))

I'm trying to create a setuid Perl script (yes, I am aware about the security implications), but am getting this error: % cat testsetuid.pl #!/usr/bin/perl -UT print "My real user id is $< but my effective user id is $>\n"; exit(0); % ./testsetuid.pl Can't do setuid (cannot exec sperl) I am using the stock Perl that came with CentOS 4.5. The problem I

Hi, I dunno much about exploiting, but I was wondering about the setuid root program 'opiepasswd' to use one-time-passwords. When having a seed of (null) and a sequence of -1, I get a segfault. Kernel/base: FreeBSD lama.inet-solutions.be 4.8-RELEASE-p4 FreeBSD 4.8-RELEASE-p4 #0: Sun Aug 31 21:00:38 CEST 2003 root@lama.inet-solutions.be:/usr/obj/usr/src/sys/LAMA i386 Make.conf:

Hi there, some of the recent holes discussed on this list, and David Holland''s suggestion for a utmp manager daemon got me thinking. I ended up coding a sample program that demonstrates how a `resource manager'' can be used to allow applications access to certain resources while not giving them any privileges. The sample program is a primitve modem manager that hands out open

Hi whenever i try to mount a samba share which is a samba server i get an error message that says "smbmnt must be installed suid root for direct mounts(500, 500) smbmnt failed1" Anybody there who can help please? i've consulted sambalist and adviced to visit the foolowing site below http://www.bnro.de/~schmidjo/faq/index.html#faq9 and it says; login as root and change to

https://bugzilla.mindrot.org/show_bug.cgi?id=1310 Damien Miller <djm at mindrot.org> changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |djm at mindrot.org Blocks| |1452 --- Comment #3 from Damien Miller

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I trying to create an automated backup from one machine to the other via SSH. I have setup ssh keys and so on, so everything is pretty much working. The only thing is, I am trying to perserve file ownership. I don't want to use ssh keys w/o a password (for obvious reasons), so I what I did was this: I setup a chrooted account called

version: rsync v2.6.1 (+ a minor, unrelated patch). I'm rsyncing files (not as root) and am happy (indeed, for what I want, delighted) that the files at the target side end up owned by the account doing the rsync. However, I've found that if I have a setuid/setgid file on the source side, the target file ends up setuid/setgid too (but under a different id!). This happens whether

When i go to Yast Control center i can see that the user log in is set to /bin/bash and this is the default. Is this what you meant? Where else to find smbmnt? 'coz when i try to open up /usr/bin/smbmnt it tells me that "COULD NOT FIND THE PROGRAM smbmnt. rgds, Segie On Tuesday 23 March 2004 14:22, you wrote: > Are you sure that smbmnt is /usr/bin ? > > >

Hi, When trying to connect the HyperVisor from a binary having setuid bit set , then I got following error: Unable to perform virConnectOpenReadOnly function error(internal error: libvirt.so is not safe to use from setuid programs) My test software config is the following : -rwsr-xr-x. 1 root root 3374956 Feb 4 13:45 test As this test software needs S bit to be able to access O.S.

Dear All, i would like to know how to install perl with setuid emulation since the default centos 5 wont install with the setuid emulation apprecite your help regards simon -- Network ADMIN: -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

I have combed google for days searching for an answer to this but cannot find anything anywhere, I'm hoping that posting to this list will get me the solution. I have FC4 running dovecot v1.0.beta7 to serve my POP3 (I had to install v1.0.beta7 because it's on a x86_64 and I need mysql support). It runs great for about two hours, after which I start getting the resource

Hi, I just configured my Postfix installation to deliver via Dovecot LDA. But because I use separate uids for virtual domains I had to set deliver to be setuid root. Altough I find this as frequent answer to this problem with deliver LDA I am not a 100% sure - basically because I try to avoid root setuids as much as I can. What should be better solution - to have all mailboxes with one owner or

Hi! I've set up postfix(2.4.1) + dovecot(1.0-cvs) + dovecot-lda(1.0-cvs). Dovecot's deliver is running as vmail:vmail (according to postfix's master.cf). Now the problem (when receiving mail): deliver(leva): auth input: leva deliver(leva): auth input: uid=8006 deliver(leva): auth input: gid=8000 deliver(leva): auth input: home=/var/mail/virtual/leva deliver(leva): setuid(8006)