Re: sendmail -bi (again)

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: Philip Hazel
CC: Robert Black, exim-users
Subject: Re: sendmail -bi (again)
} On Wed, 4 Sep 1996, Robert Black wrote:
}
} > How about two more configuration options:
}
} I'd prefer just one, bi_command, which if unset caused an error rather
} than being a no-op. The no-op scenario worries me.
}
} > Of course this still leaves the thorny problem of what uid and gid to use.
} > There are several options here. Suggestions?
}
} It would probably have to be root by default.

Very definitely it should be run as the invoking user.
Giving users the capability of running (a possibly non-existant)
program as root is not good. The ypmake stuff should be run as root
anyhow, so there is no need to give it extra privaleges.


r.black@??? said:
} It could be the invoking uid (ie set the euid to the uid and likewise
} with the group ids). Of course this is probably going to have to vary
} between OS's so root might be more portable. On relection this
} probably means that passing the args through would be a Bad Thing.
} They could contain backquotes and all sorts of nasties.

*and* don't pass any arguments through!

Alternatively only allow it to be invoked as root - ie no root then
exit in error.

    Nigel.


-- 
[ Nigel.Metheringham@???   - Unix Applications Engineer ]
[ *Views expressed here are personal and not supported by PLAnet* ]
[ PLAnet Online : The White House          Tel : +44 113 251 6012 ]
[ Melbourne Street, Leeds LS2 7PS UK.      Fax : +44 113 2345656  ]