From owner-freebsd-security Sun Jan 5 18:46:24 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id SAA01811 for security-outgoing; Sun, 5 Jan 1997 18:46:24 -0800 (PST) Received: from pdx1.world.net (pdx1.world.net [192.243.32.18]) by freefall.freebsd.org (8.8.4/8.8.4) with ESMTP id SAA01806 for ; Sun, 5 Jan 1997 18:46:21 -0800 (PST) From: proff@suburbia.net Received: from suburbia.net (suburbia.net [203.4.184.1]) by pdx1.world.net (8.7.5/8.7.3) with SMTP id SAA01229 for ; Sun, 5 Jan 1997 18:47:10 -0800 (PST) Received: (qmail 12280 invoked by uid 110); 6 Jan 1997 02:45:58 -0000 Message-ID: <19970106024558.12279.qmail@suburbia.net> Subject: Re: sendmail....tricks... In-Reply-To: from Jimbo Bahooli at "Jan 5, 97 08:09:57 pm" To: moke@fools.ecpnet.com (Jimbo Bahooli) Date: Mon, 6 Jan 1997 13:45:58 +1100 (EST) Cc: maikel@stack.nl, freebsd-security@freebsd.org X-Mailer: ELM [version 2.4ME+ PL28 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk > > On Mon, 6 Jan 1997, Maikel Verheijen wrote: > > Maikel Verheijen > > Well sendmail needs to access the users mail files, there is no way around > this. Its the lesser of two evils, I'd rather have someone reading users > emails, then running around my system uid 0. > > About connecting to the 'real' sendmail, that would just bypass logging. > If the sendmail was running non-root on a non-root port it would have no > effect because it still would not be running as root, the redirector on > port 25 is just to make it compatible with the rest of the worlds systems. > > -moke@fools.ecpnet.com > > > See my new firewall code for a solution.