>>>>> "RSW" == Randall S Winchester <rsw@Glue.umd.edu> writes:
RSW> So, is mj_trigger the only mj_ command that is not setuid majordomo?
Correct. Since it runs from Majordomo's crontab, it doesn't need to be.
(Minimum permissions and all that, plus nothing it does is security
checked.)
RSW> Anyways, the following did the trick: chmod 6511
RSW> /usr/local/majordomo/bin/mj_trigger
That would be improper.
RSW> I also noticed that TMPDIR = "/tmp/mj"; does not get recreated if it
RSW> gets removed by a reboot or other clean_tmp routine.
Correct. I suppose it doesn't hurt to try to create it, but why would you
give it a place that you know would be deleted? Pretty much any other
location assumes a lot about the system. (Lots don't have /var/spool.)
- J<
References:
|
|
