[Exim] initgroups() when dropping privilege?

Pàgina inicial
Delete this message
Reply to this message
Autor: John Dalbec
Data:  
A: exim-users
Assumpte: [Exim] initgroups() when dropping privilege?
I use a mailing list manager (Sympa) that seems to want a particular
file (/etc/mail/sympa_aliases) to be accessible only to members of the
"sympa" group. Unfortunately, Exim needs to access the file (as Exim)
to be able to verify senders and recipients. I could add the Exim user
to the "sympa" group, but since Exim does not do initgroups() when
dropping privilege, this doesn't help. Would doing initgroups()
introduce any security issues? Presumably on most systems the Exim user
would belong only to the Exim group.
Thanks,
John Dalbec