On Mon, 21 Sep 2009 15:43:05 +0200
"Wesley W. Terpstra" <wesley@terpstra.ca> wrote:

> On Mon, Sep 21, 2009 at 12:47 AM, Gerald Livingston <
> gerald.lurker@sysmatrix.net> wrote:
> 
> > > A better test would be to make your sell script:
> > > "touch /tmp/test-file". Then run it and see who
> > > created/owns /tmp/test-file.
> >
> > nobody:nogroup
> >
> 
> Well that would explain why you can't write to the lurker database.
> 
> LDA's like procmail require a local user so they can get around the
> > chroot.
> 
> 
> I'm not sure what you mean here. chroot has nothing to do with user
> accounts; it just changes the root directory.
> 
> 
> > I'm using ecartis as a mailing list manager and it "just works"
> > with nothing but aliases.
> > list1: "|/usr/lib/ecartis/ecartis -s list1"
> >
> 
> Interesting. Perhaps it's setuid? Or perhaps there is a setting
> somewhere else that instructs the MDA to setuid for it.


I'll be danged. I was so concentrated on lurker NOT working "out of the
box" that I failed to look at the things that DO work.

-rwsr-xr-x 1 ecartis daemon 199880 2006-04-14
18:36 /usr/lib/ecartis/ecartis

Is there a security reason that lurker is not setuid?

Gerald

P.S. Please reply to the list so answers are archived. No Cc: to me is
necessary.