Re: Local delivery problems on FreeBSD

Top Page
Delete this message
Reply to this message
Author: Nigel Metheringham
Date:  
To: Philip Crewdson
CC: Greg A. Woods, exim-users
Subject: Re: Local delivery problems on FreeBSD
} Sounds good. Can exim be configured not to adopt the recipient's ID?

} >FYI, using a unique group for the mailer, and making mailboxes 660 and
} >the mail directory 775, and making the mailer setgid is the solution
} >AT&T SyV has been using since R2 or before. When combined with a
} >wrapper to open the SMTP socket, it makes for a very much more secure
} >mail system (so long as no user can be a member of the mail group). The
} >only damage a cracker can do via the mailer is then limited to mail.

This ought to be possible, However the mailboxes need to be created
initially - alhough Sys V does allow non root to chown to someone else, so
I guess the initial "giving away" of the mailbox to the owning user could
be done that way - which would need extra code in exim I guess.

    Nigel.
-- 
[ Nigel.Metheringham@???   - Unix Applications Engineer ]
[ *Views expressed here are personal and not supported by PLAnet* ]
[ PLAnet Online : The White House          Tel : +44 113 251 6012 ]
[ Melbourne Street, Leeds LS2 7PS UK.      Fax : +44 113 2345656  ]