On Fri, Dec 01, 2000 at 09:35:54PM -0500, J. Nick Koston wrote:
> On a shared hosting system one of the most inevitable things is
> spam. People like to upload a perl script that spams and take advantage of the
> fact that the webserver runs as nobody. I was wondering if it was
> possible for exim to log the parent pid's cwd and exe when it is
> called from a script/invoked by actually running /usr/sbin/exim or
> /usr/sbin/sendmail.
Any shared hosting environment that allows users to upload scripts and runs
them all as nobody is broken anyway. use the suexec tool of your choice, and
do it properly. You get to eliminate this problem, and a whole bunch of
others (what happens if their spam script looks for open relays on the net?)
, rather than having to deal with them on a case by case basis.
Michael
