On Wed, 22 Feb 2006, Jürgen Herz wrote:

> also after reading through chapter 51, I'm not sure what's up here.

The answer to your question is "sometimes". The point is that Exim
doesn't run as a single process. It uses many processes, and some of
them re-exec the binary in order to regain root privilege. Exim's 
process structure is described in chapter 11 of the Exim 4 book.

> On my system (Debian Sarge) the exim (4.60) binary is as follows:
> -rwsr-xr-x  1 root root 811224 2006-01-22 11:53 /usr/sbin/exim4

That looks standard.

> It's started on system startup and its parent is user 1. ps says it runs
> as user Debian-exim and group Debian-exim (euid, egid, ruid and rgid are
> 102 too).

What is running isn't "Exim", it is "an Exim daemon process", which 
indeed should not be running as root once it has started up.

> And regardless of this, it can write in directories with
> drwx------ normaluser users
> and call e.g. maildrop with uid=1000 (normaluser) and gid=100 (users).
> 
> How does this work if it's not root?

When it wants to deliver a message, it starts a new delivery process, 
and re-execs the binary in order to regain root privilege. The delivery 
process does one job, then terminates. 

-- 
Philip Hazel            University of Cambridge Computing Service
Get the Exim 4 book:    http://www.uit.co.uk/exim-book
-- 
## List details at http://www.exim.org/mailman/listinfo/exim-users 
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://www.exim.org/eximwiki/
