On Thu, Oct 02, 2003 at 12:24:27PM -0700, [EMAIL PROTECTED] wrote: > Ray Warren said: > > > If you want to use procmail globally you need to put procmailrc > in > > /etc.It will run as root so there are security issues.You can > > still use > > a .procmail in each users home directory for personal > > customization. > > What kind of security issues? > Sorry that is a little vague,I don't know of any specific exploits but Procmail can run any arbitrary shell 0r Perl script which will default to the privileges procmail has.So if you are running procmail as root,by default you give root privileges to any scripts called by your recipes. So the issues are the generic ones you have anytime a text based configuration can be used to grant root privileges to an arbitrary script.I do run procmail as root on one box at home to scan & despam my wifes mail before it goes to a pop3 server for pickup by her windows thing. Ray Warren
Want to buy your Pack or Services from MandrakeSoft? Go to http://www.mandrakestore.com
