On Fri, 16 May 1997, Philip Hazel wrote:
> I'm stumped. Since require_files can apply to any director it is indeed
> done as the exim uid, as there isn't (in general) any other uid to do it
> as.
A couple of suggestions. Now I'm more of an Amiga person than a unix one,
I haven't had a chance to really learn software under unix yet. On the
amiga, it was really easy to do inter-process communication, so you could
have left a small task out there as root to do the checking for you. Is
the same true of unix?
Barring that, it sounds to me like you're either going to have to switch
back and forth into root as the UID, or run down the passwd file looking
for .forwards and .procmailrcs before giving up root.
Now, that being said, I really appreciate the effort you've gone to to
make sure exim doesn't have to run as root. However, I've had to reduce
the security on my mail spool, and now there's this home directory issue
(which I should have thought of before).
IMO reducing the security on a bunch of directories is a much larger
security breach than running a trusted program. You should only exit root
when actually running external programs I think.
Jay
* Jay Denebeim, Moderator, rec.arts.sf.tv.babylon5.moderated *
* newsgroup submission address: b5mod@??? *
* moderator contact address: b5mod-request@??? *
* personal contact address: denebeim@??? *
