* Marc Haber: > (1) apache or something running inside the apache process (maybe a php > script using mail()) sends e-mail using /usr/lib/sendmail. > (2) exim, invoked as /usr/lib/sendmail, inherits the listening socket.
If Apache behaves like this, it's a security issue, especially if it occurs together with SuexecUserGroup. Non-privileged processes can intercept HTTP requests and impersonate the web server process. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
