From owner-freebsd-questions Wed Sep 6 15:14:51 2000 Delivered-To: freebsd-questions@freebsd.org Received: from relay1.inwind.it (relay1.inwind.it [212.141.53.67]) by hub.freebsd.org (Postfix) with ESMTP id 62EC937B422 for ; Wed, 6 Sep 2000 15:14:47 -0700 (PDT) Received: from [212.141.250.68] (212.141.250.68) by relay1.inwind.it (5.1.046) id 39AFDC99000B8B3B for freebsd-questions@FreeBSD.ORG; Thu, 7 Sep 2000 00:14:31 +0200 Received: (qmail 1350 invoked by uid 1000); 6 Sep 2000 22:14:12 -0000 Date: Thu, 7 Sep 2000 00:14:12 +0200 From: Francesco Casadei To: freebsd-questions@FreeBSD.ORG Subject: Re: procmail diverts mail to daemon's mailbox Message-ID: <20000907001412.A1308@goku.kasby> Mail-Followup-To: freebsd-questions@FreeBSD.ORG References: <20000905211717.A8472@bs11.bsag.ch> <20000906112739.A1396@goku.kasby> <20000906121325.A16361@bs11.bsag.ch> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: <20000906121325.A16361@bs11.bsag.ch>; from roth@bsag.ch on Wed, Sep 06, 2000 at 12:13:25PM +0200 X-Operating-System: FreeBSD 4.1-STABLE i386 Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Wed, Sep 06, 2000 at 12:13:25PM +0200, Hanspeter Roth Bsag wrote: > [snip] > > Why is it a security issue for root to receive mail? > [snip] > > I only did the chown command and it works. > > Thank you very much. > > Hanspeter > > end of the original message Mail should not be delivered directly to the superuser to prevent the possibility to run commands as a privileged user. If you set up a procmail filter for root, it would be executed with root privileges (uid=0 and gid=0). The programs or shell scripts to which messages are sent through a pipe would also be executed with root privileges, and this is a security risk. I'm not a security guru so I cannot answer to your question very well, sorry. Francesco Casadei To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message