[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [Nmh-workers] setuid/setgid in nmh
From: |
Robert Elz |
Subject: |
Re: [Nmh-workers] setuid/setgid in nmh |
Date: |
Tue, 04 Feb 2014 01:56:24 +0700 |
Date: Mon, 03 Feb 2014 11:57:02 -0500
From: Ken Hornstein <address@hidden>
Message-ID: <address@hidden>
| So, I missed this point the first time around. slocal is designed to
| be run from a .forward file, right?
That would be common usage, and yes, programs from .forward execute as
the user concerned (anything else would be a huge security hole.)
But if that (or some other user script) was the only way slocal was
designed to be used, it wouldn't have needed the -user arg, would it?
That one only makes sense if you presume that slocal is being run as root,
as in, for example, a replacement for what these days is commonly
/some/path/libexec/mail.local (and used to be /bin/mail in the old days) and
is run directly by sendmail (or whatever) as its local mail delivery program.
As I said last time, I don't know of anyone who actually uses slocal that
way (while it is quite common for procmail) but it certainly is possible
that someone does.
kre