procmail
[Top] [All Lists]

Re: sendmail.cf (8.7), local mailer flags and RUID

1995-10-29 08:19:13
I'm willing to turn this into a seteuid() on systems that support it.
I don't think this would introduce any serious incompatibilities
(actually would remove this incompatibility with 8.6).  Unless I
hear otherwise, it will be in 8.7.2.

eric


============= In Reply To: ==============================================
: From:  Christopher Davis <ckd(_at_)loiosh(_dot_)kei(_dot_)com>
: Subject:  Re: sendmail.cf (8.7), local mailer flags and RUID
: Date:  Tue, 3 Oct 1995 10:29:40 -0400

: [also posted to comp.mail.sendmail,fr.network.divers]
: -----BEGIN PGP SIGNED MESSAGE-----
: 
: CS> == Claude Scarpelli <claude(_at_)icare(_dot_)infobiogen(_dot_)fr>
: 
:  CS> Can someone can give me information (and possible workaround) on this
:  CS> news behaviour ?
: 
: I grovelled around in 8.7.1's guts for a while last night, and found the
: problem.  (I had seeing it with procmail; for reliability reasons, I
: filter on the "From " header rather than the "From:", "Sender:", or
: "Return-Path:" headers.  It also screws up "subj", which uses the "From "
: address also; very useful for detecting mail from properly-configured
: mailing lists.)
: 
: The old semantics of the S flag were "do not reset uid to the defaults".
: That meant, for local mail, that you got the sender's real uid and the
: effective uid of root.  The new semantics of the S flag are "set uid/gid
: to the U= parameter, or set them to 0 if no U= param".  This means that
: the real uid gets smashed.
: 
: The best fix, IMHO, (for procmail, anyway) is to remove the "n" flag from
: the local mailer definition (fix cf/feature/local_procmail.m4), which will
: cause sendmail to supply a "From " line which procmail will trust, coming
: from root as it does.  The other fix is to remove the S flag and make
: procmail setuid root, which may not be acceptable to some.
: 
: I don't know how various vendors' /bin/mails will deal with getting a
: "From " line handed to them.  Replace them with procmail ;-)
: 
: -----BEGIN PGP SIGNATURE-----
: Version: 2.6.2
: Comment: Processed by Mailcrypt 3.3, an Emacs/PGP interface
: 
: iQBVAwUBMHFIanc8OGsDgp+JAQHgHwH/cUuXWuK9lh8LcL32PiAyoi7Z/oJw7iP9
: kk6AdZYiNqIEssmOgGkNc2OCj+8CLiUAneFokGRxYjHxkT6wIbPqfg==
: =AGLH
: -----END PGP SIGNATURE-----
: 
: -- 
: Christopher Davis * <ckd(_at_)kei(_dot_)com> * 
<URL:http://www.kei.com/homepages/ckd/>
:      512/03829F89 =  D7 C9 A7 80 8C 84 3F B2  27 E1 48 61 BF FC 18 B4
:     1024/66CB73DD =  46 8E FD F5 12 8E 13 4C  2C 8A 92 A3 B0 D5 2A 5E
:         [ Public keys available by finger, WWW, or keyserver ]


<Prev in Thread] Current Thread [Next in Thread>