On Tue, 25 Nov 2003, Eric Loveland wrote: > I noticed that tmail.c states: "big security hole if this is allowed" where it > fails with this message if mail is being sent to root. > First of all, why is this a security hole and
If mail was allowed to root or any other UID 0 user, then tmail will happily append to any file on the system. > secondly, how can I use > tmail with sendmail and still have my cron messages (and other mail sent > to root) go to my root mailbox? Don't read mail as root (or any other UID 0 user). Don't deliver mail to root (or any other UID 0 user). Forward mail addressed to root to some userid which is not UID 0; this also applies to postmaster, abuse, and other system mailboxes. Use UID 0 solely for privileged system tasks. -- Mark -- http://staff.washington.edu/mrc Science does not emerge from voting, party politics, or public debate. Si vis pacem, para bellum.
