Oh dear, this was meant for Konrad only.
Michael, nothing personal against you, just a Friday afternoon and been
struggling with customers that break things all week, guess I am just abit
tired.
Sorry
On Friday 21 February 2003 15:44, Willie Viljoen wrote:
> On Friday 21 February 2003 15:35, you wrote:
> > Did you copy this to the mailing list?
>
> I seem to have forgotten to CC the list, thanks catching that, I'll
> resend to them right away :)
>
> I also can't believe anyone
>
> > would be daft enough to compile exim to run as root - amazing.
>
> Stranger things have happened, don't tell anybody I said so, but I'll bet
> this guy is a "highly qualified IT professional", yay. I've seen people
> do this before, usually it's because they started out with some "made for
> market" SuSE or Red Hat automatic installation, and when they compiled
> Exim properly, it couldn't deliver because they forgot to set proper
> permissions on most of /var, then they recompile and run as root. I'm
> amazed this guy has even gone to the trouble of asking, mostly they just
> comment out never_users = root and report it as a bug ;)
>
> Will
>
> > On Fri, 2003-02-21 at 13:34, Willie Viljoen wrote:
> > > Exim can really use any user you like, as long as that user is not on
> > > the never_users list. However, compiling it to run as root is a
> > > *REALLY* stupid idea. If there is a security hole in the code, your
> > > system can be fully compromised by a remote atacker.
> > >
> > > Virtually all systems have a user mail (UID 8) and a group mail (GID
> > > 12) for handling this. Compile with EXIM_USER=mail and
> > > EXIM_GROUP=mail and then set never_users = root in your configuration
> > > file.
> > >
> > > As long as permissions on your spool directory and /var/mail are
> > > correctly set up, Exim does not ever need to run as root.
> > >
> > > Will
> > >
> > > On Friday 21 February 2003 15:23, Konrad Michels wrote:
> > > > I may be mistaken, but I'm sure you're supposed to set the
> > > > compile-time option of EXIM_USER= to something OTHER than root. At
> > > > least this is the way I've always compiled exim! Assuming you have
> > > > a user "exim" on your system, set the EXIM_USER= to "exim",
> > > > recompile and you should be able to uncomment "never_user" so that
> > > > it works properly.
> > > >
> > > > Later
> > > > Konrad
> > > >
> > > > On Fri, 2003-02-21 at 13:23, Michael Daly wrote:
> > > > > Hi,
> > > > >
> > > > > I am using exim 4.12 on suse linux 8.0 and can not get it working
> > > > > with never_users=root defined (this worked for me with exim3.xx).
> > > > > The spool and log files all have set to user root and group root.
> > > > > I compiled the source code with EXIM_USER=root. With never_users
> > > > > commented out exim works fine but I get the impression it should
> > > > > be included.
> > > > >
> > > > > Michael.
> > > > >
> > > > > #################################################################
> > > > >## ### 2003-02-21 09:25:29 18m9QZ-0002OA-00 <=
> > > > > root@??? U=root P=local S=311
> > > > > 2003-02-21 09:25:29 18m9QZ-0002OA-00 User 0 set for remote_smtp
> > > > > transport is on the never_users list
> > > > > 2003-02-21 09:25:29 18m9QZ-0002OA-00 == yorksmdaly@???
> > > > > R=dnslookup T=remote_smtp defer (-29): User 0 set for remote_smtp
> > > > > transport is on the never_users list
> > > > > #################################################################
> > > > >## ###
> > > > >
> > > > >
> > > > >
> > > > > --
> > > > >
> > > > > ## List details at
> > > > > http://www.exim.org/mailman/listinfo/exim-users Exim details at
> > > > > http://www.exim.org/ ##
> > > >
> > > > --
> > > > *******************************************************************
> > > >** ** *
> > > > * Konrad Michels
> > > > * System Administrator
> > > > * Surfkitchen Limited
> > > > * Abbey House
> > > > * 1650 Arlington Business Park
> > > > * Theale
> > > > * RG7 4SA
> > > > * United Kingdom
> > > > * Tel: +44 118 929 8079
> > > > *
> > > > *******************************************************************
> > > >** **
> > > >
> > > > --
> > > >
> > > > ## List details at http://www.exim.org/mailman/listinfo/exim-users
> > > > Exim details at http://www.exim.org/ ##
>
> --
> Willie Viljoen
> Freelance IT Consultant
>
> 214 Paul Kruger Avenue, Universitas
> Bloemfontein
> 9321
> South Africa
>
> +27 51 522 15 60
> +27 51 522 44 36 (after hours)
> +27 82 404 03 27 (mobile)
>
> will@???
>
> --
>
> ## List details at http://www.exim.org/mailman/listinfo/exim-users Exim
> details at http://www.exim.org/ ##
--
Willie Viljoen
Freelance IT Consultant
214 Paul Kruger Avenue, Universitas
Bloemfontein
9321
South Africa
+27 51 522 15 60
+27 51 522 44 36 (after hours)
+27 82 404 03 27 (mobile)
will@???
