Date: Sun, 16 Jun 1996 19:20:48 -0400 (EDT) From: TWC <twc@ns.calyx.com> To: freebsd-security@freebsd.org Subject: Secure way to do mail Message-ID: <Pine.NEB.3.94.960616191530.9006A-100000@mojo.calyx.net>
next in thread | raw e-mail | index | archive | help
Hi. I have been trying to come up with a (more) secure way to do email. I was wondering if it was possible as far as anyone knows to have smap (from the TIS firewall toolkit) answer on port25, take the mail, then hand it over directly to procmail (which would be setuid) for local delivery. Then sendmail could be non-setuid and still used for outgoing email. My reason for not using the standard smap implementation (smap takes the incoming mail then smapd collects and runs sendmail on it) is that I'd like to leave a setuid sendmail out of the equation entirely. Local users could still exploit it, and there are certain sendmail holes that could be a problem even in a non-interactive chroot'ed environment. -- -- TWC -- twc@netpimp.com --
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.94.960616191530.9006A-100000>