Autor: John Dalbec Data: A: exim-users Assumpte: [Exim] initgroups() when dropping privilege?
I use a mailing list manager (Sympa) that seems to want a particular
file (/etc/mail/sympa_aliases) to be accessible only to members of the
"sympa" group. Unfortunately, Exim needs to access the file (as Exim)
to be able to verify senders and recipients. I could add the Exim user
to the "sympa" group, but since Exim does not do initgroups() when
dropping privilege, this doesn't help. Would doing initgroups()
introduce any security issues? Presumably on most systems the Exim user
would belong only to the Exim group.
Thanks,
John Dalbec