Subject: Qmailscan without setuidbit
To: None <>
From: Kwame Yamgnane <>
List: regional-fr
Date: 02/24/2004 11:52:03
Hello all, 

I m new to this ML, I m running qmailscanner on a NetBSD with Qmail. I don't know if someone as already write something about qmailscanner without setuid perl. If this as been already write, sorry for this already well known post.

I give you my method to install qmailscanner without setuid perl.

	1 - Install sudo
	2 - Add the following line (/usr/pkg/etc/sudoers) :

		qmaild  ALL= (qscand) NOPASSWD: /qmail/bin/ *

	This line enable you as user qmaild to launch /qmail/bin/ as user qscand whitout any password

	3 - in /etc/tcp.smtp add this line :


	instead of :

	4 - write the shell code /usr/local/bin/

		exec /usr/pkg/bin/sudo -u qscand /var/qmail/bin/ $*

	(Note that without the "exec" it's can't work)

	5 - remove setuid from /var/qmail/bin/

		That's it.

In girum imus nocte et consumimur igni