dattier(_at_)wwa(_dot_)com (David W. Tamkin) writes:
Are the usual security checks on the permissions of an rcfile and on the
directory where it resides performed when ....
1. ... an rcfile that passed the security checks has an INCLUDERC assignment
naming another rcfile?
2. ... procmail was started suid root as the LDA and /etc/procmailrc sets
DROPPRIVS = yes and then assigns INCLUDERC?
The only checking done on an rcfile specified via INCLUDERC is to make
sure it's a non-empty normal file.
Philip Guenther