On Sun, 7 Jan 2007, Josip Rodin wrote:
Well, it should work if esmtp runs it as one of the so-called trusted users.
The compiled-in default includes: root mail daemon. What does esmtp run it
as?
esmtp runs it as whatever user it is run as. In this case, the problem
occurs when I run esmtp as root.
Also, the most straightforward way to avoid the trusted user requirement is
to avoid the -d option (and avoid setuid, too). You can do that if you can
tell esmtp to change the environment for you.
For example the way Postfix does it:
http://www.postfix.org/postconf.5.html#mailbox_command
It says
"The command is run with the user ID and the primary group ID privileges of
the recipient."
So it is still running as root, so surely something must be setuid,
because otherwise how could a normal user send something to root? esmtp has
no way of changing user on the MDA command, anyway.
Exim can also do it:
http://www.exim.org/exim-html-4.63/doc/html/spec_html/ch23.html
OK, so arguably esmtp is limited in this respect, but can we concentrate on
the apparent problem, namely that you say it should work when maildrop is
run as root (i.e. root is trusted) and for me this is only the case when you
do -d <some_normal_user> but not -d root?
--
http://rrt.sc3d.org/ | Slow Pedestrian Crossing (Anon)
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
