From owner-freebsd-security Thu Jan 9 11:19:42 1997
Date: Thu, 9 Jan 1997 20:04:12 +0100
From: roberto@keltia.freenix.fr (Ollivier Robert)
To: freebsd-security@freebsd.org
Subject: Re: sendmail running non-root SUCCESS!
References: <199701091347.IAA23487@homeport.org>
X-Mailer: Mutt 0.55.15
X-Operating-System: FreeBSD 3.0-CURRENT ctm#2837
In-Reply-To: ; from Pierre Beyssac on Jan 9, 1997 15:35:12 +0100

According to Pierre Beyssac:
> Not exactly (though I don't know procmail well enough: maybe it
> can do that too).

Look on your own machine Pierre, that's the way I set it up when it was
mine :-) The way to do it is to use FEATURE(local_procmail).

> sendmail could process the .forward as usual, but it would
> call the external prog mailer to ask it to run "/home/user/bin/myownstuff"
> as "user" and pipe the mail to it.

It is very easy to implement (within sendmail). Now, where is the patch
for the run-as-user program? :-)

> I don't know how easy it would be to make this secure, it's just an
> idea. My feeling is that it should be possible to define something
> more modular than sendmail, with only very few parts setuid inside.

That's Qmail for you. Qmail would have been fine for most use in place of
sendmail if it supported some more sendmail-compatible features like DSN,
ESMTP, proper UUCP support and a simpler configuration system (I don't
like the .qmail-foo-bar system). Even making the one mail/one recipient
feature optional would be nice but Bernstein is too stubborn.

--
Ollivier ROBERT -=- The daemon is FREE! -=- roberto@keltia.freenix.fr
FreeBSD keltia.freenix.fr 3.0-CURRENT #33: Sat Dec 21 12:57:17 CET 1996