As for sendmail improvements: is there any good reason that programs like
vacation are being installed suid root in the "files" section of the 
sendmail.spec? At least on our systems that actually breaks the vacation 
functionality and is a potential security vulnerability. I just use cfengine 
to chmod it to 555. Vacation should be running as the user that executes it 
out of the .forward. 

Purgestat, hoststat, mailq, and newaliases also have a definition to make them 
suid root during install, but those are all symbolic links to sendmail. So 
they seem unnecessary. Also, since sendmail 8.12 and above, sendmail probably
doesn't even need to be owned by root anymore since it is no longer suid and 
uses the clientqueue to submit messages.

Maybe I am just missing something and there is a good reason for it, but in 
our sendmail environment it isn't.

Thanks,

Mark Keller
Systems Administrator
Portland State University

On Thursday 10 February 2005 1:13, Ralf S. Engelschall wrote:
> On Wed, Feb 09, 2005, stephane Lentz wrote:
> > [...]
> > => BTW, there is a sendmail 8.13.3 patch around that maybe should
> > be taken into account, see:
> > http://www.sendmail.org/8.13.3.html#ERRATA
> > [...]
>
> Now included into the OpenPKG-CURRENT "sendmail" package.
> Thanks for the hint.
>
>                                        Ralf S. Engelschall
>                                        [EMAIL PROTECTED]
>                                        www.engelschall.com
>
> ______________________________________________________________________
> The OpenPKG Project                                    www.openpkg.org
> User Communication List                      openpkg-users@openpkg.org
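
An added example, not part of the original message or of the OpenPKG package: a small audit for the point raised above, reporting which of the named helpers are regular files carrying set-id bits and which are only symbolic links (where the mode in the package file list has no effect). The function name and the directory argument are assumptions; pass whatever directory your sendmail package installs its binaries into.

```shell
#!/bin/sh
# Added example: report set-id bits on the sendmail helpers named in the message.
# Usage (after sourcing): audit_sendmail_helpers /path/to/sendmail/bindir
# The directory is an assumption; the helper names come from the message.

HELPERS="sendmail vacation purgestat hoststat mailq newaliases"

audit_sendmail_helpers() {
    dir=$1
    findings=0
    for name in $HELPERS; do
        path="$dir/$name"
        if [ -L "$path" ]; then
            # Check symlinks first: permission tests follow the link, so a
            # symlink to a set-id target would otherwise be reported as a file.
            echo "$name symlink target=$(readlink "$path")"
        elif [ ! -f "$path" ]; then
            echo "$name absent"
        else
            # Numeric owner from ls -n, so no passwd lookup is needed.
            uid=$(ls -ldn "$path" | awk '{print $3}')
            bits=none
            [ -g "$path" ] && bits=setgid
            if [ -u "$path" ]; then
                # setuid takes precedence in the report when both bits are set.
                bits=setuid
                findings=$((findings + 1))
            fi
            echo "$name file bits=$bits owner_uid=$uid"
        fi
    done
    # Exit status is non-zero when any regular file carries the setuid bit.
    [ "$findings" -eq 0 ]
}
```

A `setuid` line with `owner_uid=0` for `vacation` is the case the message describes; after a `chmod 555` the function reports `bits=none` and returns zero.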