procmail
[Top] [All Lists]

Re: reading message before rcfile

1999-02-03 11:27:09
gerg(_at_)wco(_dot_)com writes:
Philip Guenther <guenther(_at_)gac(_dot_)edu> writes:

Procmail's operation runs something like this:

     Parse command line flags (-d, -p, -f, -m, etc)
     Clean up the environment
     Figure out whether the invoking user is 'trusted'
     Setup signals and file descriptors
     Handle the "From " line
     Read in the entire message
     If in the delivery mode, fork for each user (one at a time)

At or before this point it also does:

      Check mailbox ownership and rename it to BOGUSxxx if it's wrong

That would be the screen $ORGMAIL step below.  The "Become the correct
user" step is really smeared from where I put it below to the far side
of the "Open an rcfile" step, depending on what mode procmail is in.


     Become the correct user
     Set ORGMAIL, HOME, DEFAULT; set the umask
     if not mailfilter mode, screen $ORGMAIL (check for links, permissions)
     Handle command line assignments; set up $1, $2, etc
     LOOP: {
             Open an rcfile
             LOOP: {
                 process a line
             } while there are lines
     } while there are rcfiles left.
...
To a large extent, this isn't procmail's problem.  The /etc/passwd
file should be corrected.  Still, I wish procmail could, when
compiled with HOMEDIRMAIL, either perform the checks after becoming
the user (so directory permissions could prevent mis-delivered mail),
or bail out of the delivery when the home directory isn't owned by
the user.

I'll look at adding a #define that would tell procmail that it should
never need extra-privileges when screening the mailbox.  I've filed it
on my todo list as an enhancement.


Philip Guenther

<Prev in Thread] Current Thread [Next in Thread>
  • Re: reading message before rcfile, Philip Guenther <=