Julian Mehnle writes:
Sam Varshavchik <[EMAIL PROTECTED]> wrote:
Julian Mehnle writes:
> I'm running a courierfilter to filter incoming mail right at the SMTP
> dialog. Unfortunately, since I have been doing this, I cannot use
> `sendmail` as an unprivileged user (!= root, != daemon) anymore:
>
> $ echo test | sendmail $my_address
> 432 Mail filters temporarily unavailable.
> sendmail: Unable to submit message.
>
> [...]
> I think the socket(s) would need to be accessible (readable?
> writable? executable?) for unprivileged users (maybe for a dedicated
Correct. Here's what you missed:
# ls -l /usr/lib/courier/bin/sendmail
-r-s--x--x 1 root daemon 140239 Nov 28 21:01 /usr/lib/courier/bin/sendmail
sendmail.c:
setgid(MAILGID);
setuid(getuid());
The end result is that the sendmail wrapper ends up running under
whatever userid invoked it, but under the daemon group. Hence, those
socket directories should be accessible to the sendmail wrapper.
[EMAIL PROTECTED] wrote:
On a default install of Courier, "sendmail" is setuid root.
Hmm, thanks to you both, I indeed missed that. I'm running Courier 0.42
on Debian/testing, so I now checked whether the Debian packages do
properly install `sendmail` as "suid root", and it seems they do:
$ ls -la `which sendmail`
-r-s--x--x 1 root daemon 28088 2003-09-11 23:42 /usr/sbin/sendmail
$ sudo file `which sendmail`
/usr/sbin/sendmail: setuid ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV),
for GNU/Linux 2.2.0, dynamically linked (uses shared libs), stripped
(I did the `file` just out of interest and to provide more information, as
your `sendmail` seems to be much larger than mine -- but mine works
properly as long as I execute it as root, or I have no courierfilters
running, so I guess it's okay.)
No, it's not OK. Permissions on something is not set properly; for some
undefined value of âsomethingâ.
Try reporting this to the Debian port maintainer; have the port maintainer
double-check the permissions and ownership of everything.
pgp00000.pgp
Description: PGP signature
