Disabling setuid in vm when playing messages

Marc SCHAEFER (schaefer@alphanet.ch)
27 Jan 2000 20:41:57 +0100


Stefan Haller <stefan.haller@ascom.ch> wrote:
> I'm using vm to send voicemails. Every user on the machine should be
> able to send those messages. It seems that it is not possible to disable
> the setuid-stuff when a file is played. I deleted the entries in the
> config file once, but without much luck.

Why not write a small Perl wrapper that would check the file, phone
number, and be suid root?

Setting the suid bit to the vm program means the user can also record,
control the modem, etc.

> This is a problem for me since vm dies when it cannot change its uid to
> that one defined in voice.conf. I tried to set the setuid-flag for vm so

Setting that uid to 0 could fix the problem.

> I'm using vm of the mgetty 1.1.21 package on Solaris 2.6.

You could try to revert access.c to an older version (e.g. 1.1.19).
But I doubt it would be more secure.