From owner-freebsd-current Fri Apr 19 11:52:26 2002 Delivered-To: freebsd-current@freebsd.org Received: from 12-234-22-238.client.attbi.com (12-234-90-219.client.attbi.com [12.234.90.219]) by hub.freebsd.org (Postfix) with ESMTP id C557D37B416; Fri, 19 Apr 2002 11:52:15 -0700 (PDT) Received: from Master.gorean.org (master.gorean.org [10.0.0.2]) by 12-234-22-238.client.attbi.com (8.12.2/8.12.2) with ESMTP id g3JIqFHt045247; Fri, 19 Apr 2002 11:52:15 -0700 (PDT) (envelope-from DougB@FreeBSD.org) Received: from Master.gorean.org (zoot [127.0.0.1]) by Master.gorean.org (8.12.2/8.12.2) with ESMTP id g3JIqHLr011307; Fri, 19 Apr 2002 11:52:17 -0700 (PDT) (envelope-from DougB@FreeBSD.org) Received: from localhost (doug@localhost) by Master.gorean.org (8.12.2/8.12.2/Submit) with ESMTP id g3JIqHm3011304; Fri, 19 Apr 2002 11:52:17 -0700 (PDT) X-Authentication-Warning: Master.gorean.org: doug owned process doing -bs Date: Fri, 19 Apr 2002 11:52:17 -0700 (PDT) From: Doug Barton X-X-Sender: doug@master.gorean.org To: Gregory Neil Shapiro Cc: freebsd-current@FreeBSD.org Subject: Re: Proposal for dealing with sendmail [ug]id bootstrapping In-Reply-To: <15552.17875.373230.467284@horsey.gshapiro.net> Message-ID: <20020419114901.V11273-100000@master.gorean.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On Fri, 19 Apr 2002, Gregory Neil Shapiro wrote: > This could lead to security problems. Yes, I stipulated that. > Although I really would prefer that people who are building from source pay > attention to things like the handbook section on what to do when building > from source: We all prefer that. :) The fact is, users don't do it. > I guess that is too much to ask for. IMHO, the best solution for that > group of people would be to move the creation of /var/spool/clientmqueue to > a separate mtree file and use it in src/etc/Makefile's distribution target: > > .if !defined(NO_SENDMAIL) > mtree -deU -f ${.CURDIR}/mtree/sendmail.root.dist -p ${DESTDIR}/ > .endif > > This solves the NO_SENDMAIL case. I like this idea a lot. Wish I'd thought of it. :) > For users who are using sendmail, the > users really do need to exist before an installworld for the reasons given > above. So my solution would be to change the installworld: target in > src/Makefile.inc1: > > - installworld: > + installworld: installcheck I like this idea too. I am perfectly happy to have my whole suggestion shot down as long as it leads to some creative thought about this problem. The status quo is doomed to failure. If you need any help with this stuff, just let me know. Doug -- "We have known freedom's price. We have shown freedom's power. And in this great conflict, ... we will see freedom's victory." - George W. Bush, President of the United States State of the Union, January 28, 2002 Do YOU Yahoo!? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message