LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - General
Reload this Page what should /usr/sbin/sendmail be chmoded to?
User Name
Password
Linux - General This Linux forum is for general Linux questions and discussion.
If it is Linux Related and doesn't seem to fit in any other forum then this is the place.

Notices


Reply
  Search this Thread
Old 08-22-2002, 08:25 PM   #1
ShawnD
Member
 
Registered: Jul 2002
Distribution: Mandrake 8.2
Posts: 127

Rep: Reputation: 15
what should /usr/sbin/sendmail be chmoded to?

apache is started as root but it runs as 'nobody' so that got me to thinkin. if i log in as shawnd and type "sendmail" it says there is no such program but if i type "/usr/sbin/sendmail" it tells me 'you do not have access'

up until now i have been using SMTP for my forum so i haven't really tested sendmail before and right now my internet is down (posting this from friend's house) so i can't really test it right now. currently, sendmail is chmoded so that the owner (root) can rwx, group can x, other can x
 
Old 08-22-2002, 09:16 PM   #2
crabboy
Senior Member
 
Registered: Feb 2001
Location: Atlanta, GA
Distribution: Slackware
Posts: 1,821

Rep: Reputation: 121Reputation: 121
Why don't you want sendmail to run as root. Sendmail needs to access mail files for each user and is the only user that can access these files yet keep them secure from other users.
 
Old 08-23-2002, 12:51 PM   #3
ShawnD
Member
 
Registered: Jul 2002
Distribution: Mandrake 8.2
Posts: 127

Original Poster
Rep: Reputation: 15
but apache runs as 'nobody' or 'nouser'
if i had apache run as root and i had a shotty PHP script, a smart kid could completely destroy my computer. things like forums have 'user defined' templates as well as a notepad and the ability to post messages which SAVES FILES on my hard drive but NOT in a database.....i can't think of a way a kid could do it but if the forum is saving files as root, there is probably a way it could be exploided to overwrite critical files such as /etc/passwd or /etc/shadow
 
Old 08-23-2002, 12:57 PM   #4
keevitaja
Member
 
Registered: Aug 2002
Location: Estonia
Distribution: XP PRO
Posts: 119

Rep: Reputation: 15
thats startge or just different distros. my sendmail runs under root and apache is apache...
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
Starting httpd: /usr/sbin/httpd: symbol lookup error: /usr/local/lib/libaprutil-0.so. bijuhpd Linux - Newbie 1 10-30-2005 05:07 PM
what is /usr/sbin/xntps -q orko Linux - Security 5 05-11-2005 02:52 PM
/usr/sbin and /sbin world read/executable... why? lazlow69 Slackware 3 04-29-2004 05:06 PM
As root, not seeing /sbin and /usr/sbin in path weghman Linux - Newbie 3 04-25-2004 01:06 PM
/sbin vs /usr/sbin !?!?!? different? sirpelidor Red Hat 1 10-24-2003 03:33 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - General

All times are GMT -5. The time now is 03:57 PM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration