This webpage is here to present software created by me,
or in co-operation with other people.|
A short description and downloads are available from here.
If You want send me some suggestions, bugfixes etc. go ahead.
Always You can contact me via mail.
| ERUP & mod_diffprivs
|| QMail & patches
This is page for ERUP project, where
ERUP stands for: enhanced regular user privileges.
ERUP is a Linux kernel patch (and module for 2.4 kernel) which allows
regular users to have enhanced privileges.
With ERUP unprivileged users can call privileged system calls,
which normally are restricted to superuser only.
For more information read README file included in distribution. And also
read ChangeLog to see current development status.
There is also Apache module (mod_diffprivs), which uses this module.
With this module each request may be served as any user without need of
use suexec (which only works with cgi, not build-in php).
Apache may also setgroups & chroot to specified dir before serving request.
You may download it from
There is also my own patched version which You may download from this site.
For apache version 2.2, I recommend the
Apache 2 ITK MPM
Peruser MPM for Apache 2.x.
From this page You can download latest available FileGuard patch
for Linux kernel sources.
More specification for what it is about I'll write later.
In meantime You'll have to read the documentation.
You may also be interested with
A Virtual Filesystem Project
and Filesystem in USErspace.
Since FileGuard software is no longer developed, check them out.
From this page You can download QMail MTA and some useful patches to QMail.
Note, that only following patches are created by me:
You may also be interested in visiting QMail's homepage.
- qmail-qqpf is a qmail-queue post filter. Filtering is done
after the mail is queued. If the environmental variable QQPOSTF
is set, qmail runs filter program pointed by QQPOSTF and passes
to it files from queue. The first argument is filename containing
mail body, the second is filename contains delivery information
(uid, pid, mail from, rcpt to). Stdin, stdout, stderr are open to
/dev/null. If the filter returns with code between
1 and 99, the return code is passed as an error code and mail is dequeued.
For error codes look into qmail.c file. For custom error codes use my
- qmail-qqxrc patch allows You to customize error codes
returned by qmail-queue (see qmail.c for details). With this patch
You can create control/qqxrcode file containing new error codes
and descriptions. Syntax is:
30 Well known virus found
This patch is meant to customize error code descriptions returned by
qmail-queue patched with qmail-qqpf or if qmail-queue returns unknown
error code for any other reason.
- qmail-alwaysbcc is a patch which makes qmail to send
a blind carbon copy (BCC:) of each message to specified address.
The address is read from environment variable called ALWAYSBCC.
I know that there is already QUEUE_EXTRA parameter in extra.h,
but I needed change the address without recompiling qmail. So the patch is out.
- qmail-mplimit is a patch which addresses qmail-send nasty
behavior to try all message recipients from one message before trying
any other message. The problem was well described here
at the last paragraph (at the end of page, starting from words Note to self)
http://www.cyberis.net/support/qmail/misc/THOUGHTS.phtml (Section 5, from words Exception).
The patch simply limits one time recipients tried of message to 4/5*concurrency.
After that message is moved back to queue and next recipients are tried.
This way qmail is able to deliver next message even while processing another
say 10M message with 1000 recipients on slow network.
- qmail-pl is a patch which adds some Polish messages.
I guess not all anyway.
- qmail-smtpd-rlchk is a patch for qmail-smtpd combining two
features in one. First it tries to valid
local recipient after rcpt to: command is issued. If recipient
is invalid for sure, it simply rejects him with 5xx code.
If validity of local recipient can't be verified
(ie. due to lack of privileges or he's remote), he's accepted.
This was created to address the qmail's delayed bounce behavior
and to reduce the amount of double-bounces.
Second, it tries to valid remote sender given in mail from: command.
It simply connects to best MX for domain sender and checks if our sender
is accepted as remote recipient. In case of any error mail sender is
accepted. If remote MX rejects our sender with some errorcode,
we also reject him with the same errorcode and reason.
In addition positive responses are cached.
It works for me, it may work for You...
- qmail-ravenmp are some patches bundled together.
Check the header of the patch for details.
Sendmail2SMTP is a program, which takes an email as it's input, translates
it to SMTP session and passes it to SMTP server.
It was created mainly for use with PHP. First, You don't have to have a real
/usr/sbin/sendmail (or /usr/lib/sendmail)
on machine with php installed. Second, You may put this program into
chroot environment (see ERUP/mod_diffprivs above). With this program You can
continue using php's mail() function. Just change sendmail_path in
php.ini if required.