Re: [Dovecot] auth-master: Permission denied [sigh]
I have changed /usr/local/libexec/dovecot/deliver permissions as follows:
-rwsr-s--- 1 root dovecot 4044835 2009-04-03 13:52 deliver
Because of message returned to 'sender@example-send.com':
"local configuration error. Command output: /usr/local/libexec/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See [LDA#multipleuids wiki page]."
Same auth-master "Permission denied" error.
Thanks again.
James
On Tue, 2009-04-14 at 13:15 -0700, James Butler wrote:
I have changed /usr/local/libexec/dovecot/deliver permissions as follows:
-rwsr-s--- 1 root dovecot 4044835 2009-04-03 13:52 deliver
Because of message returned to 'sender@example-send.com':
"local configuration error. Command output: /usr/local/libexec/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See [LDA#multipleuids wiki page]."
Same auth-master "Permission denied" error.
The wiki says it should be:
chmod 04750 /usr/local/libexec/dovecot/deliver
You also had g+s. It probably doesn't make a difference, but who knows. Anyway.. Once you have deliver as setuid-root, there really just shouldn't be any auth-master permission denied errors. It's connected to as root, it makes no difference what its permissions are, deliver should be able to connect to it.
participants (2)
-
James Butler
-
Timo Sirainen