procmail
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: rcfile security checks

1997-09-09 17:46:41
from [Philip Guenther] [Permanent Link] 
dattier(_at_)wwa(_dot_)com (David W. Tamkin) writes:

Are the usual security checks on the permissions of an rcfile and on the
directory where it resides performed when ....

1. ... an rcfile that passed the security checks has an INCLUDERC assignment
  naming another rcfile?

2. ... procmail was started suid root as the LDA and /etc/procmailrc sets
  DROPPRIVS = yes and then assigns INCLUDERC?


The only checking done on an rcfile specified via INCLUDERC is to make
sure it's a non-empty normal file.

Philip Guenther
[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  procmail compile barfs horribly, colin sebastian roald
Next by Date:  Re: procmail compile barfs horribly, Philip Guenther
Previous by Thread:  rcfile security checks, David W. Tamkin
Next by Thread:  Re: rcfile security checks, David W. Tamkin
Indexes:  [Date] [Thread] [Top] [All Lists]