[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [tpop3d-discuss] Make tpop3d not run as root, and send another banne
From: |
Chris Lightfoot |
Subject: |
Re: [tpop3d-discuss] Make tpop3d not run as root, and send another banner.. |
Date: |
Mon, 5 Aug 2002 14:17:21 +0100 |
User-agent: |
Mutt/1.3.24i |
On Mon, Aug 05, 2002 at 09:45:08AM -0300, Davi Arnaut wrote:
> Some of you, like me, which runs tpop3d with auth on mysql,
> and all mailspool under the same uid/gid, and wonder why
> tpop3d still runs under root uid, this is a patch to
> make tpop3d run under the uid of the mailspool, droping root
> privileges, making tpop3d more secure.
That's a good idea. I'll put a non-hard-coded version
in the `to do' list for the next version....
> And this if for those who, for security reasons, want
> to change the tpop3d "banner" for something else..
>
> On around line 128 if connection.c change:
>
> if (!connection_sendresponse(c, 1, c->timestamp)) {
> to:
> if (!connection_sendresponse(c, 1, _("Pop3 Hello World!"))) {
>
> It should be like this:
>
> c->idlesince = time(NULL);
> if (!connection_sendresponse(c, 1, _("Hello World!")) ) {
> log_print(LOG_ERR, "connection_new: could not s......
> goto fail; }
Hmm. One consequence of this is that APOP logins can't
work -- they depend on the existence of a bracketed
timestamp string.
--
``Outside of a dog, a book is a man's best friend.
Inside of a dog, it's too dark to read.'' (Groucho Marx)
- [tpop3d-discuss] Make tpop3d not run as root, and send another banner.., Davi Arnaut, 2002/08/05
- Re: [tpop3d-discuss] Make tpop3d not run as root, and send another banner..,
Chris Lightfoot <=
- Re: [tpop3d-discuss] Make tpop3d not run as root, and send another banner.., Chris Elsworth, 2002/08/09
- [tpop3d-discuss] Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Chris Lightfoot, 2002/08/09
- Message not available
- [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Davi, 2002/08/09
- Re: [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Marcin Sochacki, 2002/08/09
- Re: [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Ben Schumacher, 2002/08/09
- Re: [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Chris Lightfoot, 2002/08/09
- Re: [tpop3d-discuss] Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Jason Clifford, 2002/08/10
- [tpop3d-discuss] (Pure Plain Text, sorry :-) Re: Hiding identifying information (was: Make tpop3d not run as root, and send another banner..), Davi, 2002/08/09