On Fri, 16 May 1997, Philip Hazel wrote:
> Actually, Exim hasn't totally given up root when processing
> require_files; it has only done so using seteuid(), so that it can get
> it back in order to use setuid() to do local deliveries. It could be
> changed to ensure that it is root when searching for require_files.
I can't see how checking for a file's existance is a security breach. If
it's simple enough to become root again at that point, I'd say go for it.
I, for one, am uncomfortable with people being able to see into my home
directory, and I'd prefer you be root at that point.
(of course, it's likely that the home directories are NFS mounted, which
even root generally can't get into.)
Oh, waitasec... If you've got root at the time, why can't you just change
your euid to the person who owns the directory? That would take care of
that problem.
Jay
* Jay Denebeim, Moderator, rec.arts.sf.tv.babylon5.moderated *
* newsgroup submission address: b5mod@??? *
* moderator contact address: b5mod-request@??? *
* personal contact address: denebeim@??? *
