From owner-freebsd-security Sun Jun 16 19:48:11 1996
Return-Path: owner-security
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id TAA06614 for security-outgoing; Sun, 16 Jun 1996 19:48:11 -0700 (PDT)
Received: from mojo.calyx.net (mojo.calyx.net [204.137.148.2]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id TAA06608; Sun, 16 Jun 1996 19:48:06 -0700 (PDT)
Received: from localhost (twc@localhost) by mojo.calyx.net (8.7.5/8.7.3) with SMTP id WAA10812; Sun, 16 Jun 1996 22:47:20 -0400 (EDT)
Date: Sun, 16 Jun 1996 22:47:20 -0400 (EDT)
From: TWC
To: Gary Palmer
cc: TWC, freebsd-security@FreeBSD.ORG
Subject: Re: Secure way to do mail
In-Reply-To: <26496.834968111@palmer.demon.co.uk>
Message-ID:
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

--
-- TWC
-- twc@netpimp.com
--

On Mon, 17 Jun 1996, Gary Palmer wrote:

> TWC wrote in message ID
> :
> >
> >
> > My reason for not using the standard smap implementation (smap takes the
> > incoming mail then smapd collects and runs sendmail on it) is that I'd
> > like to leave a setuid sendmail out of the equation entirely. Local users
> > could still exploit it, and there are certain sendmail holes that could be
> > a problem even in a non-interactive chroot'ed environment.
>
> Why not still use procmail for local delivery and leave sendmail
> non-suid? Won't that fit your requirements? You can configure sendmail
> to use procmail rather than mail.local for delivery...

Doesn't sendmail need to be setuid at least to bind to the privileged
port? I'm under the impression that starting it from inetd is a "bad
idea" in that inetd craps out when many connections are opened at once (a
situation that happens commonly as lists come into our shell machine.)

I have procmail installed now as the sendmail local delivery agent. I was
hoping to somehow take advantage of smap's extreme simplicity.

I like the idea of a very simple, reliable, solidly coded program
answering on port 25.

>
> Gary
> --
> Gary Palmer FreeBSD Core Team Member
> FreeBSD: Turning PC's into workstations. See http://www.FreeBSD.ORG/ for info
>