From owner-freebsd-questions Tue Feb 20 9:17:18 2001 Delivered-To: freebsd-questions@freebsd.org Received: from guru.mired.org (okc-65-26-235-186.mmcable.com [65.26.235.186]) by hub.freebsd.org (Postfix) with SMTP id D4BFB37B4EC for ; Tue, 20 Feb 2001 09:17:13 -0800 (PST) (envelope-from mwm@mired.org) Received: (qmail 6265 invoked by uid 100); 20 Feb 2001 17:17:12 -0000 From: Mike Meyer MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <14994.42648.893592.127141@guru.mired.org> Date: Tue, 20 Feb 2001 11:17:12 -0600 To: "Jeremiah Gowdy" Cc: questions@freebsd.org Subject: Re: suidperl breaks amavis port In-Reply-To: <36018434@toto.iv> X-Mailer: VM 6.89 under 21.1 (patch 14) "Cuyahoga Valley" XEmacs Lucid X-face: "5Mnwy%?j>IIV\)A=):rjWL~NB2aH[}Yq8Z=u~vJ`"(,&SiLvbbz2W`;h9L,Yg`+vb1>RG% *h+%X^n0EZd>TM8_IB;a8F?(Fb"lw'IgCoyM.[Lg#r\ Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Jeremiah Gowdy types: > I've been speaking with the developers of Amavis, the perl script for MTAs > that scans emails using McAfee or some other virus scanner. They are unable > to get their script to work under FreeBSD 4.2 because suidperl keeps saying > "Can't do suid." They claim it worked fine under FreeBSD 4.1. Did the > suidperl's suid bit get removed in 4.2, or was it removed earlier ? I tried > just resetting the suid bit, but I still got the same message. Does > something special have to be done to enable suidperl ? Yup. You have to turn the setuid bit on on /usr/bin/suidperl. I'm not sure if this can be turned on during the install process. If you're building from sources, set ENABLE_SUIDPERL=true in /etc/make.conf. This is a compromise between security and functionality. The system is secure by default, but if you'd rather have the functionality, you can trivially turn it on. http://www.mired.org/home/mwm/ Independent WWW/Perforce/FreeBSD/Unix consultant, email for more information. To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message