From owner-freebsd-security Wed Jan 8 00:40:47 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id AAA21339 for security-outgoing; Wed, 8 Jan 1997 00:40:47 -0800 (PST) Received: from gw-nl1.philips.com (gw-nl1.philips.com [192.68.44.33]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id AAA21334 for ; Wed, 8 Jan 1997 00:40:45 -0800 (PST) Received: (from nobody@localhost) by gw-nl1.philips.com (8.6.10/8.6.10-0.994n-08Nov95) id JAA15332; Wed, 8 Jan 1997 09:39:24 +0100 Received: from unknown(130.139.36.3) by gw-nl1.philips.com via smap (V1.3+ESMTP) with ESMTP id sma015243; Wed Jan 8 09:38:47 1997 Received: from bsd.lss.cp.philips.com (bsd.lss.cp.philips.com [130.144.199.33]) by smtprelay.nl.cis.philips.com (8.6.10/8.6.10-1.2.1m-961216) with SMTP id JAA06314; Wed, 8 Jan 1997 09:38:46 +0100 Received: by bsd.lss.cp.philips.com (8.8.3/1.63) id JAA06611; Wed, 8 Jan 1997 09:38:45 +0100 (MET) From: Guido.vanRooij@nl.cis.philips.com (Guido van Rooij) Message-Id: <199701080838.JAA06611@bsd.lss.cp.philips.com> Subject: Re: sendmail running non-root SUCCESS! To: moke@fools.ecpnet.com (Jimbo Bahooli) Date: Wed, 8 Jan 1997 09:38:45 +0100 (MET) Cc: freebsd-security@freebsd.org In-Reply-To: from Jimbo Bahooli at "Jan 7, 97 09:01:32 pm" X-Mailer: ELM [version 2.4ME+ PL22 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > Other notes, i believe all .forward and related files need to be readable > by the user daemon. I also recommend using tcp_wrappers for logging > because in /var/log/maillog the relay will show up as localhost because of > the redirection. > > Any comments? Yes. A program in a .forward will need to be executed under uid user. How is sendmail going to do that if it is not suid root? -Guido