[exim-dev] Running exim from nonpriveleged user and exim spo…

Pàgina inicial
Delete this message
Reply to this message
Autor: tux2002
Data:  
A: exim-dev
Assumpte: [exim-dev] Running exim from nonpriveleged user and exim spool directory
Good day!First sorry my English.I use exim-4.69. I run exim from user exim and primary group exim.Currently my exim binary file have exim:exim ownership and setuid and setgid.I mean that setuid is excess privelege. How about add functionality, when exim work with files in his spool with umask 007 for example, and newer chown file in his spool?I mean that allow do exim binary file only setgid.
For example:1. User send email via mailx and via sgid exim binary,so spool file have 660 mode and user:exim ownership.exim can manage this file.2. Exim recieve email via smtp, so spool file have 660 mode and exim:exim ownership.exim can manage this file.3. For example: Exim is member of clamav group and put files into scan directory with mode 640 and exim:clamav ownership.

Thanks!