On Tue, Apr 24, 2001 at 03:37:34PM +0100, Alan Cox wrote:
> What role requires priviledge once the port is open ?
>
> DNS lookup does not
> Spooling to disk does not
> Accepting a connection from a client does not
> Doing peercred auth with a client does not
> Copying spool articles matching the peercred to the client does not
Running procmail as the user who is to receive the email for local mail
delivery as running it with gid mail (for eg) would allow one user to
modify another's mail.
(just a thought - the above's valid with sendmail at least)
-- CaT (cat@zip.com.au) *** Jenna has joined the channel. <cat> speaking of mental giants.. <Jenna> me, a giant, bullshit <Jenna> And i'm not mental - An IRC session, 20/12/2000- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon Apr 30 2001 - 21:00:11 EST