[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [bug-mailutils] [Feature request] Find "sendmail" in $PATH at runtim
Re: [bug-mailutils] [Feature request] Find "sendmail" in $PATH at runtime
Sun, 8 Oct 2017 14:56:04 +0200
On 8 October 2017 at 14:39, Sergey Poznyakoff <address@hidden> wrote:
> Hi Bjørn,
>> For packaging mailutils in Nix/NixOS I/we would like to have the
>> "mail" program lookup the path to "sendmail" at runtime via the $PATH
>> environment variable.
> Have you considered the security implications of such a move?
My reasoning is that as long as "mail" is not setuid root (or anything
that elevates the privileges of the user invoking it), there is no
security issue. But I'm actually not that familiar with "mail"... does
it ever get installed setuid? (Currently it doesn't on NixOS.)
Do you see any issues?
>> How to do that?
> There's no way to do this currently, except for symlinking the actual
> sendmail-compatible binary (whatever it is in your distro) to the
> predefined path (preferably, to the place defined by _PATH_SENDMAIL
> in your /usr/include/paths.h). In fact, that's what all distros that
> I've ever seen do.
I see. We could do that too (hardcode path to sendmail), but
Nix/nixpkgs aims to be a generic (mostly distro-agnostic) package
manager, so hardcoding it for yet another distro seems like a step
back. Ideally, we'd have one binary working on multiple distros.