On Wed, 6 Aug 1997, Chris Harris wrote:
> We currently have exim set up to run as an exim user, instead of root,
> where possible. Mostly, this seems like a good idea. However, yesterday,
> one of our more paranoid users did a chmod 700 on his home directory, and
> now exim cannot tell whether or not he has a .procmailrc file (which
> our set of directors checks for with require_files) and, thus, all of this
> user's mail is getting deferred.
The next release of Exim, currently available for testing as version
1.651, contains a facility for specifying under which uid the
require_files check is to be done. From the NewStuff file:
47. The stat() that is used to test for files listed in the generic director
and router option require_files is normally run under the exim uid (or root if
such is not defined). It is now possible to arrange for this test to be run
under a specific uid and gid (which is done by means of seteuid() and
setegid()). This is done as follows:
If an item in a require_files list does not contain any / characters, it is
taken to be the user (and optional group, separated by a comma) to be used for
testing subsequent files. If no group is specified but the user is specified
symbolically, then the gid associated with the uid is used; otherwise the gid
is not changed. Examples:
require_files = mail:/some/file
require_files = ${local_part}:${home}/.procmailrc
The second of those works because the require_files string is expanded before
use.
--
Philip Hazel University Computing Service,
ph10@??? New Museums Site, Cambridge CB2 3QG,
P.Hazel@??? England. Phone: +44 1223 334714
