[also posted to comp.mail.sendmail,fr.network.divers]
-----BEGIN PGP SIGNED MESSAGE-----
CS> == Claude Scarpelli <claude(_at_)icare(_dot_)infobiogen(_dot_)fr>
CS> Can someone can give me information (and possible workaround) on this
CS> news behaviour ?
I grovelled around in 8.7.1's guts for a while last night, and found the
problem. (I had seeing it with procmail; for reliability reasons, I
filter on the "From " header rather than the "From:", "Sender:", or
"Return-Path:" headers. It also screws up "subj", which uses the "From "
address also; very useful for detecting mail from properly-configured
mailing lists.)
The old semantics of the S flag were "do not reset uid to the defaults".
That meant, for local mail, that you got the sender's real uid and the
effective uid of root. The new semantics of the S flag are "set uid/gid
to the U= parameter, or set them to 0 if no U= param". This means that
the real uid gets smashed.
The best fix, IMHO, (for procmail, anyway) is to remove the "n" flag from
the local mailer definition (fix cf/feature/local_procmail.m4), which will
cause sendmail to supply a "From " line which procmail will trust, coming
from root as it does. The other fix is to remove the S flag and make
procmail setuid root, which may not be acceptable to some.
I don't know how various vendors' /bin/mails will deal with getting a
"From " line handed to them. Replace them with procmail ;-)
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface
iQBVAwUBMHFIanc8OGsDgp+JAQHgHwH/cUuXWuK9lh8LcL32PiAyoi7Z/oJw7iP9
kk6AdZYiNqIEssmOgGkNc2OCj+8CLiUAneFokGRxYjHxkT6wIbPqfg==
=AGLH
-----END PGP SIGNATURE-----
--
Christopher Davis * <ckd(_at_)kei(_dot_)com> *
<URL:http://www.kei.com/homepages/ckd/>
512/03829F89 = D7 C9 A7 80 8C 84 3F B2 27 E1 48 61 BF FC 18 B4
1024/66CB73DD = 46 8E FD F5 12 8E 13 4C 2C 8A 92 A3 B0 D5 2A 5E
[ Public keys available by finger, WWW, or keyserver ]