From owner-freebsd-isp@FreeBSD.ORG Mon Jun 2 08:32:21 2003 Return-Path: Delivered-To: freebsd-isp@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 430F737B401; Mon, 2 Jun 2003 08:32:21 -0700 (PDT) Received: from xyzzy.wireless.snsonline.net (cis-156.ains.net.au [202.147.101.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 48CBF43FBD; Mon, 2 Jun 2003 08:32:18 -0700 (PDT) (envelope-from msergeant@snsonline.net) Received: from xyzzy.wireless.snsonline.net (localhost [127.0.0.1]) h52FWBcq082324; Tue, 3 Jun 2003 01:32:11 +1000 (EST) (envelope-from msergeant@snsonline.net) Received: (from sarge@localhost)h52FW6qM082267; Tue, 3 Jun 2003 01:32:06 +1000 (EST) X-Authentication-Warning: xyzzy.wireless.snsonline.net: sarge set sender to msergeant@snsonline.net using -f From: Mark Sergeant To: Wolfpaw - Dale Corse In-Reply-To: References: Content-Type: text/plain Content-Transfer-Encoding: 7bit Organization: SNSOnline Technical Services Message-Id: <1054567925.17084.7.camel@xyzzy.wireless.snsonline.net> Mime-Version: 1.0 X-Mailer: Ximian Evolution 1.2.4 Date: 03 Jun 2003 01:32:06 +1000 cc: Support cc: isp@freebsd.org cc: security@freebsd.org Subject: RE: quick poppassd question X-BeenThere: freebsd-isp@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Internet Services Providers List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jun 2003 15:32:21 -0000 Could we maybe drop it to 200ish as I know of many cases where uid's aren't > 1000 for standard users. On Tue, 2003-06-03 at 01:33, Wolfpaw - Dale Corse wrote: > looks good to me :) > > D. > -------------------------------- > Dale Corse > System Administrator > Wolfpaw Services Inc. > http://www.wolfpaw.net > (780) 474-4095 > > > -----Original Message----- > > From: owner-freebsd-isp@freebsd.org > > [mailto:owner-freebsd-isp@freebsd.org]On Behalf Of Support > > Sent: Monday, June 02, 2003 5:04 AM > > To: security@freebsd.org > > Cc: isp@freebsd.org > > Subject: quick poppassd question > > > > > > Hello, > > > > I did a quick change to the patched port of poppassd and am > > wondering if > > you think my code would introduce any potential problems. > > > > The idea is right after we check if the username exists, > > also check if the > > UID of that username is over 1000. I wanted to make sure that no one > > monkeys around with priveleged users once poppassd is running. -snip- -- Mark Sergeant SNSOnline Technical Services