[Mimedefang] List troubles
Richard A Nelson
cowboy at cavein.org
Fri Mar 31 15:01:42 EST 2006
On Fri, 31 Mar 2006, Kenneth Porter wrote:
> --On Friday, March 31, 2006 9:32 AM -0400 "Oliver Schulze L."
> <oliver at samera.com.py> wrote:
>
>> Nice option to sendmail. I think it would be nice if sendmail can run as
>> a normal user, given the recent security issues.
>
> I hadn't really thought about it before, but sendmail probably doesn't do a
> lot that requires root privilege. The LDA can be suid to access mailboxes,
> and that leaves just the creation of the sub-1024 sockets.
there's a document on the sendmail site, and in Security or somesuch in
the distribution that talks about this...
It is fairly easy, but there some big pitfalls:
* Port 25
* .forward
* non suid LDA
--
Rick Nelson
Life'll kill ya -- Warren Zevon
Then you'll be dead -- Life'll kill ya
More information about the MIMEDefang
mailing list