[Dovecot] deliver LDA issue with setuid-root
Pascal Volk
user+dovecot at localhost.localdomain.org
Wed Sep 28 21:33:27 EEST 2011
On 09/28/2011 08:37 AM Daminto Lie wrote:
> Hi,
>
> I am getting the following error message when trying to implement LDA Dovecot 1.2.9 with virtual users:
>
>
> Sep 28 15:59:33 server1 postfix/pipe[3041]: 28BEC2400A1: to=<msmith at example.com>, relay=dovecot, delay=2361, delays=2361/0.01/0/0.03, dsn=4.3.0, status=deferred (temporary failure. Command output: /usr/lib/dovecot/deliver must not be both world-executable and setuid-root. This allows root exploits. See http://wiki.dovecot.org/LDA#multipleuids )
>
> I do not know if I need to change the group to secmail. Currently, I have as follows
>
> -rwsr-xr-x 1 root root 933796 2011-06-10 05:36 deliver
>
>
> Can I change it to any other group apart from secmail? and what does it mean by world-executable? Sorry if I ask a silly question here but keen to learn more about linux.
RTFM chmod(1)
> …
> Here is my master.cf
> # delivery through dovecot
> dovecot unix - n n - - pipe
> flags=DRhu user=vmail:vmail argv=/usr/lib/dovecot/deliver -f ${sender} -d ${recipient}
>
> Any help would be greatly appreciated.
>
> Thank you
chgrp vmail /usr/lib/dovecot/deliver
chmod o-rx !$
Regards,
Pascal
--
The trapper recommends today: cafefeed.1127120 at localdomain.org
More information about the dovecot
mailing list