On Thu, Nov 29, 2012 at 8:07 AM, Robert Blayzor <[email protected]> wrote:
> On Nov 29, 2012, at 11:03 AM, Todd Lyons <[email protected]> wrote:
>> I've hit a major obstacle: We have our maildirs on a Netapp, nfs
>> mounted with root squash, and everything owned by a single
>> unprivileged user. Exim is running as euid 0, uid for "exim" and the
>
> So embedded perl in Exim doesn't run as the effective Exim user? That
> doesn't make sense or are you using your perl code some other way?

In my debugging output, I had it log the uid/euid and got some interesting results. By default uid/euid is 0/0. If I set the euid to 500 (my vmail user), then the debug output said it was running as 0/93 (93 is user "exim" on CentOS). If I set the uid to 500, then debug output said it was running as 93/0. So setting the uid/euid in the embedded perl does successfully shed the uid 0, but then is limited to the uid the exim binary is running as.

To be honest, that limitation seems like a good thing, b/c allowing people to set random uid's could result in serious security holes.

...Todd
--
The total budget at all receivers for solving senders' problems is $0. If you want them to accept your mail and manage it the way you want, send it the way the spec says to. --John Levine

--
## List details at https://lists.exim.org/mailman/listinfo/exim-users
## Exim details at http://www.exim.org/
## Please use the Wiki with this list - http://wiki.exim.org/
