The smtpq process runs as a separate user as the smtpd process to provide a level of security isolation between processes.
A user who has gained smtpq privileges is able to, of course, kill the opensmtpd process running as smtpq user. Unfortunately, this results in all the other processes of the daemon terminating, even the ones running as a different user. This shouldn't happen. It seems like the [priv] process should respawn killed child processes when it detects one of the pipes is broken or by other means of detection. This would be a nice behavior beyond merely fixing the specific security issue with smtpq. -- You received this email because you are subscribed to the "[email protected]" list To unsubscribe, send mail with subject: [[email protected]] unregister
