 HylaFAX The world's
most advanced open source fax server
|
[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]
Re: help! can't faxalter or faxrm! permission denied!
- To: flexfax@sgi.com
- Subject: Re: flexfax: help! can't faxalter or faxrm! permission denied!
- From: Andrew CROKE <andrew.croke@awamarine.com.au>
- Date: Fri, 25 Jun 1999 19:33:00 +1000
David Woolley wrote: > > > > > > I have found that the process is actually owned by bin. I have been > > > working around it by > > If you have a process, as against a program, owned by bin, you have > a security problem. faxalter itself is not setuser, so should run > as whoever starts it. > > Generally things are owned by bin if they should not be writeable, > and in some cases readable, to anyone except root; it allows a careful > sysadmin to manage them without running as root all the time. They can > be a risk in NFS systems, as bin doesn't have the special protection > given to root. > > Any process running as bin has the ability, if subverted, to access > all the non-privileged programs in the system, including many that > may subsequently be run as root. > > Either the startup script is being run unsafely, or something that > is supposed to be set-user root has been made set-user bin, or > set-user has been inappropriately set on something that doesn't need it. Thanks David, I am no sys admin but doing my best to dig big holes. My terminology is misleading. I should have said "job". This problem does not result from the use of sendfax directly. When a fax is submitted via Netscape Mail (Communicator 4.07 for Linux) the fax appears to be owned by group bin as a result of sendmail. If I submit it from Pine it is no problem (the fax job is owned by the right person) and faxrm can be used OK. I get this in messages. Jun 25 18:15:46 winger sendmail[315]: SAA00315: Authentication-Warning: winger.awamarine.com.au: uucp set sender to fax using -f This is the two jobs. 30 from Netscape. 31 from Pine. JID Pri S Owner Number Pages Dials TTS Status 30 118 S bin 96828560 0:1 9:12 08:59 No local dialtone 32 127 B apcrok 96828560 0:0 0:12 Blocked by concurrent job Is it sendmail (8.8.7) that is the problem or have I configured hylafax incorrectly? In the basic setup root cannot faxrm jobs from the queue. Where do you set the admin password? I can't find it specified anywhere? Thanks, -- Andrew Croke Fax: +61 (0)3 9347 5887 P.O Box 451 Mob: +61 (0)411 511 160 North Melbourne 3051 a.croke@ugrad.unimelb.edu.au (academic) andrew.croke@awamarine.com.au (commercial)
- Follow-Ups:
- Re: help! can't faxalter or faxrm! permission denied!
- From: giulioo@tiscalinet.it (Giulio Orsero)
- Re: help! can't faxalter or faxrm! permission denied!
- From: David Woolley <david@djwhome.demon.co.uk>
- Re: help! can't faxalter or faxrm! permission denied!
- References:
- Re: help! can't faxalter or faxrm! permission denied!
- From: David Woolley <david@djwhome.demon.co.uk>
- Re: help! can't faxalter or faxrm! permission denied!
- Prev by Date: Deployment of Hylafax NT client
- Next by Date: Re: Message clarification
- Prev by thread: Re: help! can't faxalter or faxrm! permission denied!
- Next by thread: Re: help! can't faxalter or faxrm! permission denied!
- Index(es):
Project hosted by iFAX Solutions