Date: Thu, 9 Jan 1997 08:47:03 -0500 (EST) From: Adam Shostack <adam@homeport.org> To: Pierre.Beyssac@hsc.fr (Pierre Beyssac) Cc: giles@nemeton.com.au, lyndon@esys.ca, moke@fools.ecpnet.com, freebsd-security@FreeBSD.ORG Subject: Re: sendmail running non-root SUCCESS! Message-ID: <199701091347.IAA23487@homeport.org> In-Reply-To: <Mutt.19970109114424.pb@sidhe.hsc.fr> from Pierre Beyssac at "Jan 9, 97 11:44:24 am"
next in thread | previous in thread | raw e-mail | index | archive | help
Pierre Beyssac wrote: | According to Giles Lean: | > Unfortunately, wrong. The .forward files contain references to | > programs that have to be run as the user, not as daemon or sendmail or | > any other user. | > | > Mailing to programs is evil, but it is how you get things like | > procmail and vacation to work. | | Yes, but it's one of the reasons why sendmail needs to be setuid. | | IMHO, it might be a good idea to develop an external "prog" mailer. | It would handle all the setuid stuff required for mailing to programs. | | Regarding the .forward stuff, I'm not sure sendmail really needs to be | setuid to handle that. You mean something like procmail which can be setuid and does mail delivery? Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199701091347.IAA23487>