Sam writes:
> Generally, it is absurd to make design decisions based on hypothetical
> security holes in hypothetical library calls, without any factual basis to
> warrant the hypothetical assumption.
The entire purpose of qmail's uid system is to protect against
hypothetical bugs. This saves lots of time for people reviewing
particular aspects of qmail's security: e.g., security for root, and
security for normal users, and security for local mail.
Evidently you're not this paranoid. Fine! qmail doesn't mind if you set
all the uids to 0 in auto_uid.c. Look, Ma, system-independent binaries!
Go ahead and share your binaries among uncoordinated systems.
You still have to set up an alias user on any system that does local
delivery; deliveries to root aren't allowed. But qmail-getpw will look
up the alias user at run time.
---Dan
