From owner-freebsd-security Fri Apr 30 10:50:56 1999
Delivered-To: freebsd-security@freebsd.org
Received: from gatekeeper.iserver.com (gatekeeper.iserver.com [192.41.0.2])
    by hub.freebsd.org (Postfix) with ESMTP id BD81F14C4E
    for ; Fri, 30 Apr 1999 10:50:54 -0700 (PDT)
    (envelope-from hart@iserver.com)
Received: by gatekeeper.iserver.com; Fri, 30 Apr 1999 11:50:53 -0600 (MDT)
Received: from unknown(192.168.1.109) by gatekeeper.iserver.com
    via smap (V3.1.1) id xma017733; Fri, 30 Apr 99 11:50:50 -0600
Received: (hart@localhost) by anchovy.orem.iserver.com (8.9.2)
    id LAA29032; Fri, 30 Apr 1999 11:49:59 -0600 (MDT)
Date: Fri, 30 Apr 1999 11:49:58 -0600 (MDT)
From: Paul Hart
X-Sender: hart@anchovy.orem.iserver.com
To: Wojtek
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Does mail.local need to be setuid-root?
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Fri, 30 Apr 1999, Wojtek wrote:

> i think that mail.local is a real mess (there were various exploits for
> it). why not switch to a more decent mail distribution program
> (procmail ?) as a default for freebsd.

I for one would be very nervous if procmail were SUID/SGID on my system.
Have you ever looked at the sources to procmail? They are among the most
convoluted and aesthetically disturbing pieces of code I have ever seen.
And procmail is certainly not without its own problems, see for example:

http://geek-girl.com/bugtraq/1999_2/0031.html
http://geek-girl.com/bugtraq/1999_2/0043.html
http://geek-girl.com/bugtraq/1999_2/0040.html

> the other thing in question is - should sendmail be the default mail
> agent on freebsd ? there are many substitutes for it which have proven
> to be more secure (postfix - by Wietse Venema, or zmailer, qmail, and so
> on..).

... all with a completely unproven track record, except for qmail perhaps.

Haven't we already gone to battle over this? I don't remember who won in
the sendmail versus the rest of the world battle, but this probably
doesn't belong on -security.

Paul Hart

--
Paul Robert Hart        ><8>  ><8>  ><8>        Verio Web Hosting, Inc.
hart@iserver.com        ><8>  ><8>  ><8>        http://www.iserver.com/

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message