[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Nmh-workers] setuid/setgid in nmh

From: Robert Elz
Subject: Re: [Nmh-workers] setuid/setgid in nmh
Date: Tue, 04 Feb 2014 01:56:24 +0700

    Date:        Mon, 03 Feb 2014 11:57:02 -0500
    From:        Ken Hornstein <address@hidden>
    Message-ID:  <address@hidden>

  | So, I missed this point the first time around.  slocal is designed to
  | be run from a .forward file, right?

That would be common usage, and yes, programs from .forward execute as
the user concerned (anything else would be a huge security hole.)

But if that (or some other user script) was the only way slocal was
designed to be used, it wouldn't have needed the -user arg, would it?

That one only makes sense if you presume that slocal is being run as root,
as in, for example, a replacement for what these days is commonly
/some/path/libexec/mail.local (and used to be /bin/mail in the old days) and
is run directly by sendmail (or whatever) as its local mail delivery program.

As I said last time, I don't know of anyone who actually uses slocal that
way (while it is quite common for procmail) but it certainly is possible
that someone does.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]