Date: Sun, 05 May 1996 07:37:00 -0400
From: He Who Urges Ampersands <arensb@cfar.UMD.EDU>
To: Thomas J Balfe <tbalfe@tioga.com>
Cc: security@freebsd.org
Subject: Re: sendmail
Message-ID: <199605051137.HAA29335@glitnir.cfar.UMD.EDU>
In-Reply-To: Your message of "Sat, 04 May 1996 16:53:49 -0000." <Pine.BSF.3.91.960504165126.10768B-100000@falcon.tioga.com>

On Sat, 04 May 1996 16:53:49 -0000, tbalfe@tioga.com wrote:
> I have recently compiled sendmail from cert.org. What I want to know,
> does sendmail have to be mode 4555 to function correctly, or will it
> function correctly as mode 555? Or even 4111?

Sendmail runs as <user> to deliver <user>'s mail. In particular, if .forward runs any programs, you want them to run as that user. Otherwise you're opening up a security hole. So sendmail has to be able to set its euid, which means it has to run as root.

If you run sendmail from inetd, or from /etc/rc.whatever, it'll run as root and your machine will be able to receive mail.

If you make it setuid root, then J. Random Program can run sendmail to send mail to someone. If you make sendmail mode 555, then that will break. You can either try to fix all of the programs that break, or you can try to come up with a workaround (e.g., make /usr/lib/sendmail a program that simply talks to the local host's SMTP port; or make /etc/sendmail.cf use nullclient to forward mail to the local host, port 25, where it gets picked up by the version of sendmail that's running as root).

As usual, if I'm wrong, I'm sure that a chorus of voices will rise up to correct me.

-- 
Andrew Arensburger, Systems guy        Center for Automation Research
arensb@cfar.umd.edu                    University of Maryland
        Don't crush that dwarf, hand me the pliers.
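
The first workaround named in the message above (a /usr/lib/sendmail replacement that only talks to the local host's SMTP port), as an added example; it is not part of the original e-mail and is not sendmail's own code. The name `parse_invocation`, the handled flag subset (`-f`, `-t`, `--`) and the `localhost:25` endpoint are assumptions of this example.

```python
"""Unprivileged stand-in for /usr/lib/sendmail: hands mail to the local SMTP port."""
import getpass
import smtplib
import socket
import sys
from email import message_from_bytes
from email.utils import getaddresses

SMTP_HOST, SMTP_PORT = "localhost", 25  # assumed: the root-run daemon listens here


def parse_invocation(argv, raw):
    """Return (sender, recipients, message_bytes); only -f, -t and -- are handled."""
    sender, recipients, from_headers = None, [], False
    args = iter(argv)
    for arg in args:
        if arg == "--":                    # everything after -- is a recipient
            recipients.extend(args)
        elif arg == "-t":                  # take recipients from To/Cc/Bcc
            from_headers = True
        elif arg == "-f":
            sender = next(args, None)
        elif arg.startswith("-f"):
            sender = arg[2:]
        elif not arg.startswith("-"):      # other flags (-i, -oi, ...) are ignored
            recipients.append(arg)
    msg = message_from_bytes(raw)
    if from_headers:
        fields = [v for h in ("To", "Cc", "Bcc") for v in msg.get_all(h, [])]
        recipients += [addr for _, addr in getaddresses(fields) if addr]
    del msg["Bcc"]                         # Bcc belongs in the envelope only
    if not recipients:
        raise ValueError("no recipients")
    if sender is None:                     # no -f: fall back to the calling user
        sender = f"{getpass.getuser()}@{socket.getfqdn()}"
    return sender, recipients, msg.as_bytes()


def main():
    sender, rcpts, body = parse_invocation(sys.argv[1:], sys.stdin.buffer.read())
    with smtplib.SMTP(SMTP_HOST, SMTP_PORT) as smtp:  # plain TCP client, no setuid
        smtp.sendmail(sender, rcpts, body)


if __name__ == "__main__":
    try:
        main()
    except (ValueError, OSError, smtplib.SMTPException) as exc:
        sys.exit(f"sendmail wrapper: {exc}")
```

Installed mode 555 in place of the setuid binary, this needs no privileges of its own: delivery, including running .forward programs as the recipient, stays with the daemon that was started as root.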