[Annoyed] Cyrus-imapd/sasl upgrade and lmtpd behaviour...

[Scott Smith]

Oh my god dude. please....  Not trying to bitch you out, but holy crap. It's
a REALLY BAD IDEA to be giving out SUID bits to just any old binary, no
matter WHO owns the binary--root OR cyrus.

What you probably want to do is add your MTA to the same group as Cyrus, at
most.  You can also change the path to the LMTP socket and create a lmtp
group and put cyrus and MTA user in it.  Or, you can run LMTP over TCP (keep
it on loopback) with SASL.

Cyrus / SASL peeps, can you DOCUMENT this, since I personally know of
several people that have had this problem, including myself when I upgraded
from 1.5.x :)

Scott

----- Original Message -----
From: "Steve Clement" <steve.clement at ltam.lu>
To: "info-cyrus" <info-cyrus at lists.andrew.cmu.edu>;
<cyrus-sasl at lists.andrew.cmu.edu>
Sent: Monday, December 30, 2002 9:23 AM
Subject: Re: [Annoyed] Cyrus-imapd/sasl upgrade and lmtpd behaviour...


> Heheh, indeed at 6am I remebered that I had to give delive SUID rights,
> which admittedly is not the right[TM] way, but works.