[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[tpop3d-discuss] Make tpop3d not run as root, and send another banner..
From: |
Davi Arnaut |
Subject: |
[tpop3d-discuss] Make tpop3d not run as root, and send another banner.. |
Date: |
Mon, 05 Aug 2002 09:45:08 -0300 |
User-agent: |
Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.1a) Gecko/20020702 |
Some of you, like me, which runs tpop3d with auth on mysql,
and all mailspool under the same uid/gid, and wonder why
tpop3d still runs under root uid, this is a patch to
make tpop3d run under the uid of the mailspool, droping root
privileges, making tpop3d more secure.
On around line 750 of mail.c add:
na = authswitch_init();
...
log_print(LOG_INFO, _("%d authentication drivers successfully loaded"), na);
/* run as uid/gid mail (the uid/gid of the mailspool) by address@hidden */
if (getgid() == 0 && setgid(12)) /* change the 12 to change the */
log_print(LOG_ERR, _("no setgid mail."));
if (getuid() == 0 && setuid(8)) /* change the 8 to change the uid */
log_print(LOG_ERR, _("no setuid mail."));
/* end uid/gid mail */
...
net_loop();a
...
-----------------------------------------------------
And this if for those who, for security reasons, want
to change the tpop3d "banner" for something else..
On around line 128 if connection.c change:
if (!connection_sendresponse(c, 1, c->timestamp)) {
to:
if (!connection_sendresponse(c, 1, _("Pop3 Hello World!"))) {
It should be like this:
c->idlesince = time(NULL);
if (!connection_sendresponse(c, 1, _("Hello World!")) ) {
log_print(LOG_ERR, "connection_new: could not s......
goto fail; }
- [tpop3d-discuss] Make tpop3d not run as root, and send another banner..,
Davi Arnaut <=
- Re: [tpop3d-discuss] Make tpop3d not run as root, and send another banner.., Chris Lightfoot, 2002/08/05
- Re: [tpop3d-discuss] Make tpop3d not run as root, and send another banner.., Chris Elsworth, 2002/08/09
- [tpop3d-discuss] Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Chris Lightfoot, 2002/08/09
- Message not available
- [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Davi, 2002/08/09
- Re: [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Marcin Sochacki, 2002/08/09
- Re: [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Ben Schumacher, 2002/08/09
- Re: [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Chris Lightfoot, 2002/08/09
- Re: [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Jason Clifford, 2002/08/10
- [tpop3d-discuss] (Pure Plain Text, sorry :-) Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Davi, 2002/08/09