Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 9 Jan 1997 11:44:24 +0100
From:      Pierre.Beyssac@hsc.fr (Pierre Beyssac)
To:        giles@nemeton.com.au (Giles Lean)
Cc:        lyndon@esys.ca (Lyndon Nerenberg), moke@fools.ecpnet.com (Jimbo Bahooli), freebsd-security@FreeBSD.ORG
Subject:   Re: sendmail running non-root SUCCESS!
Message-ID:  <Mutt.19970109114424.pb@sidhe.hsc.fr>
In-Reply-To: <199701090844.TAA01064@nemeton.com.au>; from Giles Lean on Jan 9, 1997 19:44:18 %2B1100
References:  <SIMEON.9701081421.B24412@cezanne.esys.ca> <199701090844.TAA01064@nemeton.com.au>

next in thread | previous in thread | raw e-mail | index | archive | help
According to Giles Lean:
> Unfortunately, wrong.  The .forward files contain references to
> programs that have to be run as the user, not as daemon or sendmail or
> any other user.
> 
> Mailing to programs is evil, but it is how you get things like
> procmail and vacation to work.

Yes, but it's one of the reasons why sendmail needs to be setuid.

IMHO, it might be a good idea to develop an external "prog" mailer.
It would handle all the setuid stuff required for mailing to programs.

Regarding the .forward stuff, I'm not sure sendmail really needs to be
setuid to handle that.
-- 
Pierre.Beyssac@hsc.fr



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Mutt.19970109114424.pb>