On Sun, Dec 31, 2017 at 10:09:22AM +0900, Osamu Aoki wrote:
> | AC_DEFINE_UNQUOTED(HAVE_COURIER,1,
> | [ Whether this version of maildrop is part of Courier ])
All of those changes related to HAVE_COURIER sound like something that
should be possible to figure out on runtime. For example, it could detect
some Courier-specific config file somewhere in /etc/, and then make those
few subtle changes in behavior.
> But in the courier MTA use case, the upstream apparently had need to keep
> this program setUID root and added some extra codes to take advantage
> (code before the quoted section seems to be for such purpose) of it and to
> limit it privilege as quoted in the above.
I still don't see a rationale for that. The existence of those measly few
lines about the HAVE_COURIER define, that we then have to interpret and
reverse-engineer and whatnot - simply don't constitute a valid rationale
for adding back a binary with suid root by default.
I think we need to ask Sam to document this properly, and only then proceed
with any further considerations.
--
2. That which causes joy or happiness.
