Re: [Exim] SSL-specific daemon doesn't deliver locally -- se…

Author: Philip Hazel
Date:  
To: Simon Vallet
CC: exim-users
Subject: Re: [Exim] SSL-specific daemon doesn't deliver locally -- setgid fails
On Wed, 5 Nov 2003, Simon Vallet wrote:

> I just don't understand why Exim drops its root privileges (and then
> fails to setgid): when started as a root user, it should retain them,
> even with the -C command-line option.


As has been discussed a couple of times on the list, the -C option isn't
really suitable for certain types of production system. It was invented
for testing/debugging. The problems arise because of the way Exim is
designed - using re-execution in order to regain root privilege. If an
Exim process that was started with -C (and which kept its privilege
because it was started by root) runs a sub-process that is *not* run as
root or exim, and that process wants to re-execute Exim, it will pass on
the -C argument, but privilege will be lost. A typical example is a
delivery process that runs an autoreply transport as an ordinary user in
order to send a vacation message.

I don't know if this problem is the one that is actually hitting you.
Sorry, but I haven't the time to look more closely. However, I suggest
you run some tests using -d to get debugging output. This should show
the times when Exim changes uid, and therefore give more information as
to exactly what is going on.


--
Philip Hazel            University of Cambridge Computing Service,
ph10@???      Cambridge, England. Phone: +44 1223 334714.
Get the Exim 4 book:    http://www.uit.co.uk/exim-book
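
Added example, not part of the original message and not Exim code: a simplified Python model of the re-execution behaviour described in the reply above, showing where root is lost when -C is passed along by a sub-process running as an ordinary user. The uid values, the function names, and the assumption that local delivery needs root to change uid/gid are illustrative assumptions.

```python
from dataclasses import dataclass

ROOT_UID = 0
EXIM_UID = 93      # constructed value standing in for the "exim" user
USER_UID = 1000    # constructed ordinary user that runs the autoreply transport

@dataclass(frozen=True)
class Proc:
    ruid: int         # real uid of whoever started the process
    euid: int         # effective uid once the start-up checks are done
    alt_config: bool  # True if -C was on the command line

def exec_exim(caller_uid: int, alt_config: bool) -> Proc:
    """Model starting (or re-executing) a setuid-root Exim binary."""
    euid = ROOT_UID  # setuid-root: effective uid is root at exec time
    # With -C, privilege is kept only when the caller is root or exim.
    if alt_config and caller_uid not in (ROOT_UID, EXIM_UID):
        euid = caller_uid
    return Proc(caller_uid, euid, alt_config)

def run_subprocess_as(parent: Proc, uid: int) -> Proc:
    """A privileged parent runs a transport as `uid` (needs root to switch)."""
    if parent.euid != ROOT_UID:
        raise PermissionError("cannot change uid/gid without root")
    return Proc(uid, uid, parent.alt_config)

def reexec(child: Proc) -> Proc:
    """The sub-process re-executes Exim, passing -C on if it was given."""
    return exec_exim(child.ruid, child.alt_config)

def can_deliver_locally(p: Proc) -> bool:
    """Assumption: local delivery must setgid/setuid, so it needs root."""
    return p.euid == ROOT_UID

def vacation_chain(alt_config: bool) -> list[bool]:
    """daemon started by root -> autoreply transport as user -> re-exec."""
    daemon = exec_exim(ROOT_UID, alt_config)
    transport = run_subprocess_as(daemon, USER_UID)
    resubmit = reexec(transport)
    return [can_deliver_locally(daemon), can_deliver_locally(resubmit)]

if __name__ == "__main__":
    for flag in (False, True):
        print("-C" if flag else "no -C", vacation_chain(flag))
```

In this model the re-executed process keeps root only when -C is absent or the caller is root or exim; the points where the uid actually changes on a real system are what the -d output suggested in the reply would show.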