Author: Todd Lyons Date: To: Robert Blayzor CC: exim-users@exim.org Subject: Re: [exim] Rejecting over quota at RCPT time - revisited
On Thu, Nov 29, 2012 at 8:07 AM, Robert Blayzor <rblayzor.bulk@???> wrote: > On Nov 29, 2012, at 11:03 AM, Todd Lyons <tlyons@???> wrote:
>> I've hit a major obstacle: We have our maildirs on a Netapp, nfs
>> mounted with root squash, and everything owned by a single
>> unprivileged user. Exim is running as euid 0, uid for "exim" and the
>
> So embedded perl in Exim doesn't run as the effective Exim user? That doesn't make sense or are you using your perl code some other way?
In my debugging output, I had it log the uid/euid and got some
interesting results. By default uid/euid is 0/0. If I set the euid
to 500 (my vmail user), then the debug output said it was running as
0/93 (93 is user "exim" on CentOS). If I set the uid to 500, then
debug outside said it was running as 93/0. So setting the uid/euid in
the embedded perl does successfully shed the uid 0, but then is
limited to the uid the exim binary is running as. To be honest, that
limitation seems like a good thing, b/c allowing people to set random
uid's could result in serious security holes.
...Todd
--
The total budget at all receivers for solving senders' problems is $0.
If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine