- Previous message: Sandy Drobic: "Re: A question on building mail gateway with Postfix"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
|
|
|
From: Wietse Venema (no email)
Date: Wed Nov 01 2006 - 11:15:52 EST
kclair:
> On Tue, Oct 31, 2006 at 06:44:07PM -0500, Wietse Venema wrote:
> > kclair:
> > > Hello,
> > >
> > > I'm trying to use a content filter using an external command via
> > > master.cf. I can't really wrap my head around the permissions
> > > problems that I'm seeing, and I'm wondering if anyone can shed any
> > > light on it.
> > >
> > > The line(s) in master.cf:
> > > filter unix - n n - 10 pipe
> > > flags=Rq user=filter argv=/usr/local/anomy/filter.sh -f ${sender} --
> > > ${recipient}
> > >
> > > This should be executing this command as the user "filter", right?
> > >
> > > The permissions of the script:
> > > -rwxr-x--- 1 root filter 1123 2006-10-31 14:13 filter.sh
> >
> > This file is executable if:
> >
> > the process has the NUMERICAL uid of the root USER.
> >
> > the process has the NUMERICAL gid of the filter GROUP.
> >
> > Nowhere does it say that a process with the numerical
> > uid of the filter USER has execute permission.
>
> But the filter user is part of the filter group, so shouldn't that
> grant the filter user permission to execute the file?
Is the NUMERICAL gid of the filter USER equal to the
NUMERICAL gid of the filter GROUP?
Wietse
|
|
|