On Mon, 28 Apr 1997, Philip Blundell wrote:
> I notice that only admin users are allowed to use `sendmail -q' to force a
> queue run these days (I think this is relatively new behaviour in Exim).
Yes, it is.
> However, any user still seems to be able to achieve much the same effect
> by gathering a list of message-ids in the queue (easily done with mailq |
> awk) and passing the result as an argument to `sendmail -M'.
>
> This strikes me as a bit inconsistent. I can't think of any reason why
> the ability to force a queue run should be a security hazard but the
> ability to ask for specific messages to be delivered isn't - but perhaps
> I'm missing something.
I think I picked up something on the net when I implemented this
behaviour of -q. A bloody-minded user could perhaps waste your machine's
resources by firing off a zillion queue runs.
You are right in that -M should probably be controlled in the same way,
if only for consistency.
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714
