When you install majordomo, you make the wrapper program and install
it. It runs under root's login and changes its id to majordom and
then runs the majordomo scripts.
As I understand it, this wrapper is considered a security feature
because it switches users to majordom, thereby restricting resend and
majordomo's access to the system.
Also, into the wrapper is compiled the path to majordomo's executables
so the wrapper can execute them. Now then, is it a security feature
to have this path compiled in, rather than read from a configuration
file?
My application, eVote, which runs in conjunction with majordomo, also
compiles in this path, thinking that it should follow suit on whatever
majordomo is doing under the category of security. But, it was a big
problem getting it all going on Red Hat. Now I have it fixed so that
if the compile hits a problem, it invites the installer to either fix
up the compile or go ahead without a compilation by installing a
version that reads the path from eVote's configuration file.
Is this meaningful or am I following majordomo off a cliff?
*
Marilyn *
*
*
Marilyn Davis, Ph.D.-------------- * ---- eVote - free online polling
| * software for email lists:
| * * eVote-info@deliberate.com
marilyn@deliberate.com * *
(650) 965-7121 ------------- * * -------- http://www.deliberate.com
*
|
|
