procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: Executing a program as a recipient from ~/.procmailrc

2003-02-08 11:25:31
from [Professional Software Engineering] [Permanent Link] 
At 08:08 2003-02-08 -0500, Louis LeBlanc did say:

> >Unfortunately, procmail is running as root.
>
> procmail should not be running as root by the time it reaches their
> ~/.procmailrc.  If it is, you have something configured terribly wrong, or
> you're invoking it directly via an MTA alias, not as LDA.

I am calling procmail from the MTA.  I am also setting DROPPRIVS=yes,
DROPPRIVS is meaningless if the user it is delivering as _is_ root (or whoever the MTA invokes the PROG mailer as). Procmail has no _user_ to drop down to. When procmail is invoked with -m, it isn't running /etc/procmailrc (where DROPPRIVS tends to be used), and never "elevates" its privileges to have any to DROP.
If you're invoking an rcfile from an alias, I'd consider using /etc/procmailrcs/ as a startpoint - own the stub file there by the user you want procmail to run as (see 'man procmailrc' which defines that directory to have special meaning to procmail), and have THAT rcfile INCLUDERC the ${HOME}/.procmailrc of the user. I haven't personally had a need to do this, but if I were attempting to invoke procmail from an MTA alias on behalf of a specific user, this is how I'd go about it.
(the -d option to procmail should also be of interest to you, but since you haven't provided _ANY_ details on how you're invoking procmail, what your OS is, and the version of procmail for that matter, it's probably a bit premature for me to offer up specific commandline arguments).
BTW, as much as I used to like using procmail-users(_at_)procmail(_dot_)org, and as much as it *SHOULD* point to the correct address on the real list server - esp. since the procmail.org address is what is listed in the procmail help - it hasn't worked in _months_, so you should revise your Reply-to: (as I did long ago) if you hope to receieve many replies. 

---
 Sean B. Straw / Professional Software Engineering

 Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
 Please DO NOT carbon me on list replies.  I'll get my copy from the list.


_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: Executing a program as a recipient from ~/.procmailrc, Louis LeBlanc
Next by Date:  Re: Executing a program as a recipient from ~/.procmailrc, Louis LeBlanc
Previous by Thread:  Re: Executing a program as a recipient from ~/.procmailrc, Louis LeBlanc
Next by Thread:  Re: Executing a program as a recipient from ~/.procmailrc, Louis LeBlanc
Indexes:  [Date] [Thread] [Top] [All Lists]