Re: [Exim] exim & intetd

Top Page
Delete this message
Reply to this message
Author: Philip Hazel
Date:  
To: Kai Henningsen
CC: exim-users
Subject: Re: [Exim] exim & intetd
On 9 Jan 2002, Kai Henningsen wrote:

> > Does anybody have any good ideas for detecting "called from inetd"?
>
> Why do you *need* that?
>
> > "stdin is a socket" on its own is not good enough - any user could set
> > that up.
>
> And why is that a problem?
>
> Seems to me Exim should react the same to "I'm being fed mail via a pre-
> connected socket" regardless who did it.



This would mean that a user could run a program which listened on some
non-privileged port, waited for a connection, and passed it on to Exim.
Exim would behave as if called from inetd, doing the host checking etc.

This means that an unprivileged user could open up the server to
non-privileged ports. I think this is probably a bit of a security
exposure that some people would not like.

--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.