similar to: Set "setuid" bit on a Solaris server from a Windows client

Running dovecot 1.2.4 on FreeBSD using Postfix. Everything works fine normally, but deliver is executable by world. This is not normally a problem, as I don't run deliver SetUID root. But for whatever reason, when deliver is called by something that IS SetUID root I get the following error: /usr/local/libexec/dovecot/deliver must not be both world-executable and setuid-root. This

Hi. Does anyone use UsePrivilegedPort or have ssh(1) setuid, and if so for what use case? ssh(1) has had code in it to support installing setuid root since approximately forever, however OpenBSD has not shipped it in that configuration since 2002 (and I suspect these days no vendor does). As far as I can tell, all of the reasons for this no longer apply: - setuid root was needed to bind to a

> On 24 May 2019 17:11 Steven Smith via dovecot <dovecot at dovecot.org> wrote: > > > I?m trying to configure dovecot lmtp in multi-user mode. My error logs are filled with messages saying that an imap process cannot do a setuid to another user: > > > May 21 22:28:46 imap(pid 17441 user myuser): Fatal: setuid(512(myuser) from userdb lookup) failed with

Hi OpenSSH developers, I'm using OpenSSH on a daily basis and I'm very pleased with the work you've done. I am contributing to some Open Source software hosted at Savannah https://savannah.nongnu.org/projects/tsp and we recently hit some sftp unexpected behavior: https://savannah.gnu.org/support/?105838 when using chmod sftp client command it appears that setuid / setgid bits are

version: rsync v2.6.1 (+ a minor, unrelated patch). I'm rsyncing files (not as root) and am happy (indeed, for what I want, delighted) that the files at the target side end up owned by the account doing the rsync. However, I've found that if I have a setuid/setgid file on the source side, the target file ends up setuid/setgid too (but under a different id!). This happens whether

Hi, I just configured my Postfix installation to deliver via Dovecot LDA. But because I use separate uids for virtual domains I had to set deliver to be setuid root. Altough I find this as frequent answer to this problem with deliver LDA I am not a 100% sure - basically because I try to avoid root setuids as much as I can. What should be better solution - to have all mailboxes with one owner or

Hi, When trying to connect the HyperVisor from a binary having setuid bit set , then I got following error: Unable to perform virConnectOpenReadOnly function error(internal error: libvirt.so is not safe to use from setuid programs) My test software config is the following : -rwsr-xr-x. 1 root root 3374956 Feb 4 13:45 test As this test software needs S bit to be able to access O.S.

Hi! I've set up postfix(2.4.1) + dovecot(1.0-cvs) + dovecot-lda(1.0-cvs). Dovecot's deliver is running as vmail:vmail (according to postfix's master.cf). Now the problem (when receiving mail): deliver(leva): auth input: leva deliver(leva): auth input: uid=8006 deliver(leva): auth input: gid=8000 deliver(leva): auth input: home=/var/mail/virtual/leva deliver(leva): setuid(8006)

I'm trying to create a setuid Perl script (yes, I am aware about the security implications), but am getting this error: % cat testsetuid.pl #!/usr/bin/perl -UT print "My real user id is $< but my effective user id is $>\n"; exit(0); % ./testsetuid.pl Can't do setuid (cannot exec sperl) I am using the stock Perl that came with CentOS 4.5. The problem I

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello, I trying to create an automated backup from one machine to the other via SSH. I have setup ssh keys and so on, so everything is pretty much working. The only thing is, I am trying to perserve file ownership. I don't want to use ssh keys w/o a password (for obvious reasons), so I what I did was this: I setup a chrooted account called

Dear All, i would like to know how to install perl with setuid emulation since the default centos 5 wont install with the setuid emulation apprecite your help regards simon -- Network ADMIN: -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.

https://bugzilla.mindrot.org/show_bug.cgi?id=1893 Summary: change ssh-keisign to setgid from setuid Product: Portable OpenSSH Version: 5.8p1 Platform: All OS/Version: All Status: NEW Severity: normal Priority: P2 Component: Miscellaneous AssignedTo: unassigned-bugs at mindrot.org

Ok, I'm doing a heads up here. I just applied: - markus at cvs.openbsd.org 2002/06/11 04:14:26 [ssh.c sshconnect.c sshconnect.h] no longer use uidswap.[ch] from the ssh client run less code with euid==0 if ssh is installed setuid root just switch the euid, don't switch the complete set of groups (this is only needed by sshd). ok provos@ A few comments about

I'm running Debian/Squeeze on an AMD64 system. For some reason they have recently stopped shipping mount.cifs with the setuid bit set. Now it appears that they have changed the internal settings to prevent it from running setuid. This means that I can't define the share in fstab with "user" and connect from my Linux user account. Mounting smb/cifs shares seems to be blocked

[Mod: chat removed -- alex] From: userv-maint@chiark.greenend.org.uk (Ian Jackson) Approved: alex@yuriev.com To: linux-security@redhat.com Subject: userv - how to make cron (et al) not setuid 0. Introduction Some time ago I posted on linux-security to say that I was working on a client/server pair which would allow you to invoke a privileged service in a more secure manner. I''ve now

Hi folks - I've been beating my head against the wall for a couple days on this issue, and I'm hoping someone here can help me. I've been running Samba successfully on Debian for some time now, and this problem started recently. I'm unable to determine what has changed on my system. Whenever I attempt to access a share the requires setuid (i.e. guest access), Samba panics and

I?m trying to configure dovecot lmtp in multi-user mode. My error logs are filled with messages saying that an imap process cannot do a setuid to another user: > May 21 22:28:46 imap(pid 17441 user myuser): Fatal: setuid(512(myuser) from userdb lookup) failed with euid=501(adminuser): Operation not permitted (This binary should probably be called with process user set to 512(myuser) instead of

Hi! I've a little question: When the samba create machine account it's uid is 0 (root) or anything else? I've created a samba jail, and I want to know the useradd binary should be setuid or not. Thanks: -- Szalai ?kos <szalakos@andrews.hu> Andrews IT Engineering Kft -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type:

Hello list, I wonder if it is a really bad idea to setuid bit on samba daemons to make them start with root privileges? I need it in an embedded systems where the daemons are started by a non root user and I don't have access to sudo etc and we all know that smbd should run under root. Cheers, henke

Hi, I dunno much about exploiting, but I was wondering about the setuid root program 'opiepasswd' to use one-time-passwords. When having a seed of (null) and a sequence of -1, I get a segfault. Kernel/base: FreeBSD lama.inet-solutions.be 4.8-RELEASE-p4 FreeBSD 4.8-RELEASE-p4 #0: Sun Aug 31 21:00:38 CEST 2003 root@lama.inet-solutions.be:/usr/obj/usr/src/sys/LAMA i386 Make.conf: