I have been reading your discussion about files, UIDs, GIDs,
and protections with somewhat puzzled feelings. Has anyone
of you tried making the wrapper.c do something like this?
pwdp = getpwnam(MAJORDOMO_USER);
if (!pwdp) {
fprintf (stderr, "%s: Dedicated user ID (%s) not found\n",
argv[0], MAJORDOMO_USER);
exit (-1);
}
setgid (pwdp->pw_gid);
setuid (pwdp->pw_uid);
Instead of compiling in any information about the "personality"
majordomo should take at the execution time this change makes
the life sometimes a lot easier. You only have to keep the files
(and directories) in sync with the UID and GID in the /etc/passwd.
Beware!! I am not running the most recent version of majordomo
and there could be also some other C programs that need the same
change though I do not think this is the case.
Cheers,
// jau
------
/ Jukka A. Ukkonen, M.Sc. (tech.) Centre for Scientific Computing
/__ Internet: ukkonen@csc.fi Tel: (Home) +358-0-578628
/ Internet: jau@cs.tut.fi (Work) +358-0-4573208
v X.400: c=fi, admd=fumail, no prmd, org=csc, pn=jukka.ukkonen
References:
|
|
