RE: [Exim] Exim 4: Opinion wanted on file checking

Top Page
Delete this message
Reply to this message
Author: John Horne
Date:  
To: exim-users
Subject: RE: [Exim] Exim 4: Opinion wanted on file checking
On 13-Mar-01 at 11:10:55 Philip Hazel wrote:
> In Exim 4 things are going to be different. For added security, the
> seteuid() function is not used anywhere in the code. Consequently, the
> routers run as root when processing a message for delivery.[2] The only
> time when root may not be able to stat() a path is if the path is NFS
> mounted without root access. Question:
>
> Is this a sufficiently important case for the ability to check files
> as some other user to be retained? The only way to implement it
> without using seteuid() is to fork another process that becomes the
> other user.
>
> My own feeling is that we probably no longer need this, but you may
> disagree...
>

We use 'require_files', but with local mailboxes (not NFS mounted). The only
problem (?) I could see is that we use it with the '+' option - whereby the
EACCES error is treated as a non-existant file and the director is, thus,
skipped. By running as root I would expect EACCES not to occur and hence the
director (or subsequent transport) would run and (probably) give some other
error - not what is wanted.

Regards,

John.

------------------------------------------------------------------------
John Horne, University of Plymouth, UK           Tel: +44 (0)1752 233914
E-mail: jhorne@???
PGP key available from public key servers