Re: can procmail be bypassed?

1998-03-11 14:36:04
On March, 11 1998 at 14:49, Torrey McMahon -- Sun Microsystems wrote:

Perhaps your sysadmin doesn't want to subject you or your co-workers to 
anything malicious. Especially something that mucks with sendmail, a very 
un-secure program that has lots of access running as root, that has had lots 
of security related problems with in the past.

Ninny? Perhaps he just likes his/her job and doesn't want to be fired when a 
bad binary brings down your office mail system....or worse.

I believe Procmail does not need to run as root.  Each user can
invoke it thru their .forward file.  Hence, it will run under the
permissions of a regular users.  It cannot be anymore malicious than
running Perl programs (which the sysadmin allows).

Anyway, why do you need procmail to run Mhonarc? its not really required.

To do preprocessing.  But if no front-end filtering/preprocessing
is required, MHonArc can be used directly.

BTW, see the FAQ about message filtering, and a home-grown approach
(using Perl) that does not use Procmail.


<Prev in Thread] Current Thread [Next in Thread>