I'm willing to turn this into a seteuid() on systems that support it.
I don't think this would introduce any serious incompatibilities
(actually would remove this incompatibility with 8.6). Unless I
hear otherwise, it will be in 8.7.2.
eric
============= In Reply To: ==============================================
: From: Christopher Davis <ckd(_at_)loiosh(_dot_)kei(_dot_)com>
: Subject: Re: sendmail.cf (8.7), local mailer flags and RUID
: Date: Tue, 3 Oct 1995 10:29:40 -0400
: [also posted to comp.mail.sendmail,fr.network.divers]
: -----BEGIN PGP SIGNED MESSAGE-----
:
: CS> == Claude Scarpelli <claude(_at_)icare(_dot_)infobiogen(_dot_)fr>
:
: CS> Can someone can give me information (and possible workaround) on this
: CS> news behaviour ?
:
: I grovelled around in 8.7.1's guts for a while last night, and found the
: problem. (I had seeing it with procmail; for reliability reasons, I
: filter on the "From " header rather than the "From:", "Sender:", or
: "Return-Path:" headers. It also screws up "subj", which uses the "From "
: address also; very useful for detecting mail from properly-configured
: mailing lists.)
:
: The old semantics of the S flag were "do not reset uid to the defaults".
: That meant, for local mail, that you got the sender's real uid and the
: effective uid of root. The new semantics of the S flag are "set uid/gid
: to the U= parameter, or set them to 0 if no U= param". This means that
: the real uid gets smashed.
:
: The best fix, IMHO, (for procmail, anyway) is to remove the "n" flag from
: the local mailer definition (fix cf/feature/local_procmail.m4), which will
: cause sendmail to supply a "From " line which procmail will trust, coming
: from root as it does. The other fix is to remove the S flag and make
: procmail setuid root, which may not be acceptable to some.
:
: I don't know how various vendors' /bin/mails will deal with getting a
: "From " line handed to them. Replace them with procmail ;-)
:
: -----BEGIN PGP SIGNATURE-----
: Version: 2.6.2
: Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface
:
: iQBVAwUBMHFIanc8OGsDgp+JAQHgHwH/cUuXWuK9lh8LcL32PiAyoi7Z/oJw7iP9
: kk6AdZYiNqIEssmOgGkNc2OCj+8CLiUAneFokGRxYjHxkT6wIbPqfg==
: =AGLH
: -----END PGP SIGNATURE-----
:
: --
: Christopher Davis * <ckd(_at_)kei(_dot_)com> *
<URL:http://www.kei.com/homepages/ckd/>
: 512/03829F89 = D7 C9 A7 80 8C 84 3F B2 27 E1 48 61 BF FC 18 B4
: 1024/66CB73DD = 46 8E FD F5 12 8E 13 4C 2C 8A 92 A3 B0 D5 2A 5E
: [ Public keys available by finger, WWW, or keyserver ]