procmail
[Top] [All Lists]

Re: 775 mail spool and "Bypassed locking"

1997-04-21 13:24:00
I theorized about Roderick Schertler's situation,

| > Doesn't procmail also give up its setuid and setgid privileges as soon
| > as it reads a user's rcfile?

He responded,

| The FAQ says that, but I don't think it's entirely true.  setids() goes
| out of its way to leave its saved setgid in place so it can toggle back
| to group mail later.

(Not all OSes, I've been told, allow temporary renunciation of privileges;
under some, if you give them up you can't get them back.  Roderick has told
us that he's the sysadmin, so he must know which is the case for his OS.)

| (As a sanity check I tried it without a ~/.procmailrc at all, and
| procmail still delivered mail over an existing .lock file.)

Then privileges are probably not the cause of the problem after all.  It
sounds as though Philip nailed it: if procmail wants a kernel lock and can
get it, perhaps it doesn't care about not getting the lockfile.

| I'd rather not just make the mail spool mode 1777 to make procmail happy
| because that would be ignoring the real problem.  Once I get this working
| I'm going to start using it heavily, I need to be able to trust it.

OK; that makes sense.  And if permissions are not the problem, making the
spool 1777 won't help anyway.

<Prev in Thread] Current Thread [Next in Thread>