From owner-freebsd-security  Thu Jan  9 01:05:27 1997
Return-Path: <owner-security>
Received: (from root@localhost)
          by freefall.freebsd.org (8.8.4/8.8.4) id BAA16930
          for security-outgoing; Thu, 9 Jan 1997 01:05:27 -0800 (PST)
Received: from perki0.connect.com.au (perki0.connect.com.au [192.189.54.85])
          by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id BAA16924
          for <freebsd-security@freebsd.org>; Thu, 9 Jan 1997 01:05:21 -0800 (PST)
Received: (from uucp@localhost) by perki0.connect.com.au id UAA10407
  (8.7.6h/IDA-1.6); Thu, 9 Jan 1997 20:01:24 +1100 (EST)
>Received: from localhost.nemeton.com.au (localhost.nemeton.com.au [127.0.0.1])
          by nemeton.com.au (8.8.4/8.8.4) with SMTP
	  id TAA01064; Thu, 9 Jan 1997 19:44:18 +1100 (EST)
Message-Id: <199701090844.TAA01064@nemeton.com.au>
To: Lyndon Nerenberg <lyndon@esys.ca>
cc: Jimbo Bahooli <moke@fools.ecpnet.com>, freebsd-security@freebsd.org
Subject: Re: sendmail running non-root SUCCESS! 
In-reply-to: <SIMEON.9701081421.B24412@cezanne.esys.ca> 
Date: Thu, 09 Jan 1997 19:44:18 +1100
From: Giles Lean <giles@nemeton.com.au>
Content-Type: text
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk


On Wed, 8 Jan 1997 14:19:21 -0700 (MST)  Lyndon Nerenberg wrote:

> If one were to deprecate ~/.forward in favour of /var/db/forward/$USER, 
> and write a forward(1) command to allow user manipulation of the
> files 

Unfortunately, wrong.  The .forward files contain references to
programs that have to be run as the user, not as daemon or sendmail or
any other user.

Mailing to programs is evil, but it is how you get things like
procmail and vacation to work.

Giles