From owner-freebsd-security Thu Jan 9 11:07:54 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.4/8.8.4) id LAA15966 for security-outgoing; Thu, 9 Jan 1997 11:07:54 -0800 (PST) Received: from spitfire.ecsel.psu.edu (qmailr@spitfire.ecsel.psu.edu [146.186.218.51]) by freefall.freebsd.org (8.8.4/8.8.4) with SMTP id LAA15961 for ; Thu, 9 Jan 1997 11:07:51 -0800 (PST) Received: (qmail 12308 invoked by uid 1000); 9 Jan 1997 19:08:47 -0000 Message-ID: <19970109190847.12307.qmail@spitfire.ecsel.psu.edu> To: Lyndon Nerenberg cc: Jimbo Bahooli , freebsd-security@FreeBSD.ORG Subject: Re: sendmail running non-root SUCCESS! In-reply-to: Your message of "Thu, 09 Jan 1997 10:31:09 MST." Date: Thu, 09 Jan 1997 14:08:47 -0500 From: Dan Cross Sender: owner-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk > Which can be handled by having "program" alias messages (should the > site choose to allow them) dumped into a seperate queue that is run by > a root process whose sole purpose is to execute programs on the users > behalf. This is the only part of the traditional sendmail chain that > *requires* it (sendmail) to run as root. Splitting that functionality > out into a seperate, tiny, single-purpose program makes a lot more > sense from a security perspective. Which is what qmail already does. (Along with many other things that sendmail doesn't do, or doesn't do as well). Perhaps I'm being naive here, but what's the pressure to stick with sendmail? Why not move to a more reliable and efficient MTA, like Qmail? - Dan C.