> So the exim user has write access …, the directories are sgid <group>.
> So, any file created in this directory should be owned by the creator
> and the group <group>.
Correct, just as I imagined. In other words, the file uid must be equal
to the uid of the creator process and the gid equal to gid of the parent
directory, because of his setgid bit.
> If Exim doesn't run as a privileged user, Exim can't create files owned
> by anybody else then the exim user and the group, owning the directory.
>
> So, I'd expect to just work. Can you show us the permissions of files
> in new/, right after Exim created it?
drwxrws--- 5 exim 65536 4096 Ago 23 22:06 .
drwxrwx--- 3 exim root 4096 Ago 23 18:12 ..
drwxrws--- 2 exim 65536 4096 Ago 23 18:13 cur
drwxrws--- 2 exim 65536 4096 Ago 25 20:04 new
drwxrws--- 2 exim 65536 4096 Ago 25 20:04 tmp
-rw-rw---- 1 exim exim 777 Ago 25 19:47 1472165275.H150650P22153.gnu
-rw-rw---- 1 exim exim 780 Ago 25 20:04 1472166260.H478116P22558.gnu
I expected:
-rw-rw---- 1 exim 65536 777 Ago 25 19:47 1472165275.H150650P22153.gnu
-rw-rw---- 1 exim 65536 780 Ago 25 20:04 1472166260.H478116P22558.gnu
--
Ednardo Lobo
www.lobo.eti.br
