On Tue, Apr 24, 2001 at 03:59:28PM +0100, Alan Cox wrote:
> What is this gid mail crap ? You don't need priviledge. You get the mail by
> asking the daemon for it. procmail needs no priviledge either if it is done
> You just need to think about the security models in the right way. Linux gives
> you the ability to do authenticated uid/gid checking over a socket connection.
> That is an incredibly powerful model for real compartmentalisation.
Ok. My experience isn't all that great so I may well be missing something
here. But what?
1. email -> sendmail
2. sendmail figures out what it has to do with it. turns out it's deliver
it locally for user blah
3. sendmail starts procmail so that it delivers the email.
4. procmail goes through the recepie list for user blah and eventually
delivers the email (one way or another)
Now, in order for step 4 to be done safely, procmail should be running
as the user it's meant to deliver the mail for. for this to happen
sendmail needs to start it as that user in step 3 and to do that it
needs extra privs, above and beyond that of a normal user.
Now as I said, I'm not a UNIX God[tm] and so I may well be missing something
vital. If so, what is it? This sounds like something that would be way
useful to learn. :)
-- CaT (firstname.lastname@example.org) *** Jenna has joined the channel. <cat> speaking of mental giants.. <Jenna> me, a giant, bullshit <Jenna> And i'm not mental - An IRC session, 20/12/2000
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to email@example.com More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Apr 30 2001 - 21:00:12 EST