Date: Fri, 22 Mar 2002 11:46:27 -0300 (BRT) From: Paulo Fragoso <paulo@nlink.com.br> To: security@freebsd.org Subject: Maildrop vs. Procmail Message-ID: <20020322103140.O10588-100000@mirage.nlink.com.br>
next in thread | raw e-mail | index | archive | help
Hi, We have a mail server without shell access for all users. We are thinking to use maildrop to implement mail filters (anti-spam) but we guess there is a security problem with maildrop for this case. We didn't found any configure options to restrict its use, like procmail's option: #define RESTRICT_EXEC 1000 So any user could be albe to exec some script by $HOME/.mailfilter. Are we wrong? Now we are restricting .qmail shell by a smrsh patched (qmail-local.c was patched too), this way any user can exec by .qmail. We are using procmail for two administrator, their UID are minor than 1000. Are there any way to restrict mailfilter for our users? Thanks, Paulo. -- __O _-\<,_ Why drive when you can bike? (_)/ (_) To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20020322103140.O10588-100000>