On Tue, Feb 04, 2003 at 10:27:41AM -0800, Horst wrote: > > | ~~~~~~~ from the /etc/postfix/aliases ~~~~~~~~~ > > | ... > > | # For various security reasons, postfix WILL NOT deliver mail as root, so > > | # ensure that the root alias is aliased to a HUMAN user, as otherwise > > | # mail may get delivered to the $default_privs user (nobody). > > | ... > > [snip] > ... > > > > It's a bad idea for root to recieve mail directly (ie. because > > you then invoke a mail client as root, and read a spool file > > full of potentially malicious data from the net).
The main problem is described in the first paragraph from the postfix aliases file, and is stated in the postfix faq: http://www.postfix.com/faq.html#root "If you use procmail (or some other command) for local mail delivery, Postfix will not deliver mail as root. Instead, Postfix runs procmail (or whatever) as nobody. Perhaps some day Wietse will trust Postfix enough to run external commands as root." Cory _______________________________________________ Eug-LUG mailing list [EMAIL PROTECTED] http://mailman.efn.org/cgi-bin/listinfo/eug-lug
