At 23:40 2004-02-27 -0500, Tom Allison wrote:
I was looking at the man pages and I have a question:
What you set DROPPRIVS to "yes" what does it mean by dropping the suid for
the bottom half of the procmailrc file?
This applies to the _global_ procmailrc: /etc/procmailrc, which is run
with elevated privledges.
I'm unclear what is mean by "bottom half".
procmail scripts are linear (top-down), not procedural. Everything BELOW
the DROPPRIVS (i.e. processed afterwards) will be handled as the
unprivledged user.
how do you determine which half your code is in?
Print the file on a line printer. Take a black Sharpie permanent marker
and draw a line through the line "DROPPRIVS=yes". Stuff above that is
executed as root, and after it, as the destination user.
Of course, if the DROPPRIVS is in a recipe, like so:
:0
* LOGNAME ?? ^^somelooser^^
{
DROPPRIVS=yes
}
Then it's applicable only if the conditions are met.
---
Sean B. Straw / Professional Software Engineering
Procmail disclaimer: <http://www.professional.org/procmail/disclaimer.html>
Please DO NOT carbon me on list replies. I'll get my copy from the list.
_______________________________________________
procmail mailing list
procmail(_at_)lists(_dot_)RWTH-Aachen(_dot_)DE
http://MailMan.RWTH-Aachen.DE/mailman/listinfo/procmail