From owner-freebsd-security Sun May 5 22:02:40 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id WAA08799 for security-outgoing; Sun, 5 May 1996 22:02:40 -0700 (PDT) Received: from jli (jli.portland.or.us [199.2.111.1]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id WAA08786 for ; Sun, 5 May 1996 22:02:34 -0700 (PDT) Received: from cumulus by jli with uucp (Smail3.1.29.1 #3) id m0uGIQh-0001bCC; Sun, 5 May 96 22:01 PDT Message-Id: To: tbalfe@tioga.com (Thomas J Balfe) Cc: security@freebsd.org Subject: Re: sendmail References: <199605051229.OAA20467@keltia.freenix.fr> In-reply-to: Your message of Sun, 05 May 1996 14:29:00 +0200. <199605051229.OAA20467@keltia.freenix.fr> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-ID: <17325.831358995.1@cloud.rain.com> Date: Sun, 05 May 1996 22:03:15 -0700 From: Bill Trost Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Ollivier Robert writes: It seems that Thomas J Balfe said: > [D]oes sendmail have to be mode 4555 to function correctly, or will be > function correctly as mode 555? Or even 4111? You need the setuid bit as sendmail is switching uids during execution when a user program runs it. However, if the sendmail is not doing any local delivery, then there is no reason that it cannot be run as some other user at all times (including when it is started up by /etc/rc or however you like to start it up). You might even be able to do this by using something like procmail (yech) to perform local delivery -- of course, then procmail has to be setuid root. You might get away with making sendmail only setgid to a user capable of writing the files in /var/mail, but that gets really strange and you still lose deliveries to pipes. WARNING: I have not tried this with sendmail, but have successfully run smail non-root on a machine with no local mailboxes.