From owner-freebsd-security Thu Dec 3 11:09:13 1998
Return-Path:
Received: (from majordom@localhost)
        by hub.freebsd.org (8.8.8/8.8.8) id LAA09315
        for freebsd-security-outgoing; Thu, 3 Dec 1998 11:09:13 -0800 (PST)
        (envelope-from owner-freebsd-security@FreeBSD.ORG)
Received: from cafe.affinity-systems.ab.ca (cafe.affinity-systems.ab.ca [207.229.6.99])
        by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id LAA09310
        for ; Thu, 3 Dec 1998 11:09:08 -0800 (PST)
        (envelope-from jbourne@cafe.affinity-systems.ab.ca)
Received: (from jbourne@localhost)
        by cafe.affinity-systems.ab.ca (8.9.1a/8.9.1/asi-redhat) id MAA20486;
        Thu, 3 Dec 1998 12:08:30 -0700
Date: Thu, 3 Dec 1998 12:08:28 -0700 (MST)
From: Jim Bourne
To: Bill Woodford
cc: ML FreeBSD Security
Subject: Re: mail.local
In-Reply-To:
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Thu, 3 Dec 1998, Bill Woodford wrote:

>
> On Wed, 2 Dec 1998, Dima Ruban wrote:
> | Could somebody remind me of outcome of removing suid bit from mail.local
> | discussion?
>
> Hmmm, if you remove it, I believe local mail delivery will cease due to
> permission problems.

If you remove the suid bit from mail.local, it cannot seteuid to the user
which it is delivering mail as.

Say your sendmail runs as user mail group mail, it exec's mail.local and
feeds mail.local the text in question, mail.local then does a seteuid to the
user the mail is being delivered to and then revokes all other root
privileges and opens, writes, and closes the mail spool file.

umm, IIRC that is...

But then again, I use procmail anyways. It's much nicer having my mail
filtered via procmail than all dumped in my spool file :)

Regards,
Jim

>
> --
> Bill Woodford * woodford@cc181716-a.hwrd1.md.home.com * ICQ:14076169
> Volunteer Coordinator, Otakon 99: Convention of Otaku Generation
> "Windows Multitasking: Messing up several things at once."
>
>
> To Unsubscribe: send mail to majordomo@FreeBSD.org
> with "unsubscribe freebsd-security" in the body of the message
>

--
James Bourne            | Email:jbourne@affinity-systems.ab.ca
Affinity Systems Inc.   | WWW:http://www.affinty-systems.ab.ca
Everything Unix         | Linux-The choice of a GNU generation
----------------------------------------------------------------------
Unix System Administration, System programming, Network Administration