Path: utzoo!attcan!uunet!lll-winken!lll-tis!ames!oliveb!epimass!jbuck
From: jbuck@epimass.EPI.COM (Joe Buck)
Newsgroups: news.sysadmin
Subject: Re: Help with expire - old files still around
Message-ID: <2349@epimass.EPI.COM>
Date: 1 Aug 88 16:37:41 GMT
References: <566@resrch.MoliEnergy.BC.CA> <226@hawkmoon.MN.ORG>
Reply-To: jbuck@epimass.EPI.COM (Joe Buck)
Distribution: na
Organization: Entropic Processing, Inc., Cupertino, CA
Lines: 20

In article <226@hawkmoon.MN.ORG> det@hawkmoon.MN.ORG (Derek E. Terveer) writes:
>I have had much the same problems on my machines -- also running 2.11.14, and
>in rereading the documentation for news (which is something that is good to do
>periodically for anything (:-)) i realized that expire should be suid news.

No!  No!  No!  It most emphatically should NOT be suid news, and by setting
it up that way you allow any user on your system to zap all articles by anyone
he or she doesn't like, or to just lock up the system.  I strongly recommend
putting it back the way it was.

expire should be RUN by user "news".  If you have System V.2 or later, with
separate cron files for each user, put it in the cron file for "news".  Otherwise,
put an "su news" in the cron file before running expire.



-- 
- Joe Buck  {uunet,ucbvax,pyramid,<smart-site>}!epimass.epi.com!jbuck
jbuck@epimass.epi.com	Old Arpa mailers: jbuck%epimass.epi.com@uunet.uu.net
	If you leave your fate in the hands of the gods, don't be 
	surprised if they have a few grins at your expense.	- Tom Robbins