From owner-freebsd-hackers  Tue Apr 23 11:56:39 1996
Return-Path: owner-hackers
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.3/8.7.3) id LAA25782
          for hackers-outgoing; Tue, 23 Apr 1996 11:56:39 -0700 (PDT)
Received: from irz301.inf.tu-dresden.de (irz301.inf.tu-dresden.de [141.76.1.11])
          by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id LAA25774
          for <freebsd-hackers@freebsd.org>; Tue, 23 Apr 1996 11:56:21 -0700 (PDT)
Received: from sax.sax.de by irz301.inf.tu-dresden.de (8.6.12/8.6.12-s1) with ESMTP id UAA20596; Tue, 23 Apr 1996 20:33:56 +0200
Received: by sax.sax.de (8.6.11/8.6.12-s1) with UUCP
	id UAA13541; Tue, 23 Apr 1996 20:33:56 +0200
Received: (from j@localhost) by uriah.heep.sax.de (8.7.5/8.6.9) id TAA23187; Tue, 23 Apr 1996 19:28:54 +0200 (MET DST)
From: J Wunsch <j@uriah.heep.sax.de>
Message-Id: <199604231728.TAA23187@uriah.heep.sax.de>
Subject: Re: .forward and sendmail?
To: freebsd-hackers@freebsd.org (FreeBSD hackers)
Date: Tue, 23 Apr 1996 19:28:53 +0200 (MET DST)
Cc: henrich@crh.cl.msu.edu (Charles Henrich)
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
In-Reply-To: <199604231358.JAA05012@crh.cl.msu.edu> from "Charles Henrich" at Apr 23, 96 09:58:33 am
X-Phone: +49-351-2012 669
X-Mailer: ELM [version 2.4 PL24 ME8a]
MIME-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

As Charles Henrich wrote:

> Yes but think about it, .forwards WILL NOT WORK USUALLY EVER if
> sendmail doesnt read .forward's as root!  Most home directories are
> 700!  This is a *bug* not a feature.

You might call it a bug.  Make your home dirs 0711, or use a separate
alias database, or make your sendmail vulnerable if you don't like it.

Eric Allman's READ_ME makes it absolutely clear that he considers it a
security feature:

HASSETREUID     Define this if you have setreuid(2) ***AND*** root can
                use setreuid to change to an arbitrary user. [...]
                [...]  Setting this improves the
                security, since sendmail doesn't have to read .forward
                and :include: files as root.  There are certain attacks
                that may be unpreventable without this call.

I don't think you will find anybody here supporting your opinion.

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)