Author: Sheldon Hearn
Date:
To: Tamas TEVESZ
CC: Gustav H Meyer, exim-users
Subject: Re: [Exim] Solaris 2.6, Perl 5.6.1, exim 3.22 - Can't open pipe
On Thu, 28 Jun 2001 18:09:16 +0200, Tamas TEVESZ wrote:
> yes, it has the security hazards. what doesn't ?
The advantage of this approach, however, is that the only code that
needs to be heavily scrutinized from a security point of view is that
code which is executed prior to dropping privilege.
Since the security of software will tend to depend on the scrutiny it
has received (quality and quantity), this approach is really, really
good.
Of course, if you don't need user-configurable local deliveries, you can
drop setuid root altogether and setgid exim_group. :-) Takes a little
thought, but it works nicely.