On Tue, Sep 03, 2013 at 12:30:18PM +0200, Gilles Chehade wrote: > Nothing special, I created a user "lists" and gave him a .forward file that > executes the mlmmj manager. > > You can have a look at the documentation on their website. The only > difference with my setup is that it's plugged in the forward file instead > of aliases file as it is safer. >
A user asked me off-list why it's safer and since it's a question that I get asked every time I mention it, I'll just explain on the list :-) So why is it safer to use ~/.forward ? When an alias is created to map an email address to a program, such as a mailing list manager for example, having the mapping in the aliases file means that OpenSMTPD has no dedicated user for the program, it will exec it with its own privileges. When you create a user and use its .forward file to call the program, it will be executed with the privileges of that user. If the program you're invoking is buggy and someone manages to exploit a flaw in it, in one case it'll be with the privileges of the daemon while in the other case, it'll be some unrelated and unprivilged user. Oh and this is not an OpenSMTPD thing, it affects others afaik. If you are using /etc/aliases to execute a program, you should really do the extra steps to have it executed from a dedicated user's .forward, it is *always* possible with little or no work. -- Gilles Chehade https://www.poolp.org @poolpOrg -- You received this mail because you are subscribed to [email protected] To unsubscribe, send a mail to: [email protected]
