Re: [Nmh-workers] Questionable code in m_chkids() in sbr/context

nmh-workers

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] Questionable code in m_chkids() in sbr/context_save.c

From:	Neil W Rickert
Subject:	Re: [Nmh-workers] Questionable code in m_chkids() in sbr/context_save.c
Date:	Wed, 18 May 2005 00:22:31 -0500

Ken Hornstein <address@hidden> wrote on May 16, 2005:

>(AFAIK sendmail and friends always run stuff under the user's real and
>effective uid, so I don't think slocal should ever be setuid).

If you run "slocal" from ".forward", then it runs as the recipient
(the person using ".forward").  But there are advantages to running
slocal as a mailer defined in sendmail.cf

Current sendmail allows you to run as the recipient, even when
defined as a mailer.  However there was a time when sendmail would
run a mailer as either the sender uid or daemon, but would not run as
the recipient uid.  You could set sendmail to run it with sendmail's
permissions, which in effect made slocal setuid root for that
invocation.

We must also remember that there are other MTAs than sendmail.

 -NWR

[Prev in Thread]

Current Thread

[Next in Thread]

Re: [Nmh-workers] Questionable code - the bigger picture, (continued)

Prev by Date: Re: [Nmh-workers] Questionable code - the bigger picture
Next by Date: Re: [Nmh-workers] A question for the nmh historians
Previous by thread: Re: [Nmh-workers] Questionable code in m_chkids() in sbr/context_save.c
Next by thread: Re: [Nmh-workers] Questionable code in m_chkids() in sbr/context_save.c
Index(es):
- Date
- Thread