Re: [exim-dev] user file write permissions

Top Page
This message is part of the following thread:
M\the complete thread tree sorted by date
MMAndrew C Aitchison at <-
 
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-dev
Subject: Re: [exim-dev] user file write permissions
On 24/04/2023 02:43, exim--- via Exim-dev wrote:
> I am curious as to how exim writes to a users home directory. I have done a lot of searching and could not find anything specific.
>
> as exim runs as an unprivileged user as far as I can tell it has no rights to modify a users home folder, yet it does.
>
> What part of the puzzle am I missing?

Traditional installations of Exim have the binary as setuid root.
Given that, it can set it's UID to the user's when needing to
deliver to file.

It runs for most of the time at non-root (eg. an "exim" user), to reduce
the security footprint, and re-execs to regain root at transport time.
--
Cheers,
Jeremy


This message was posted to the following mailing lists:
Exim-dev
Mailing List Info | Nearby Messages		<-Re: [exim-dev] user file write permissions[exim-dev] SASL error message->
Tahini and Hummus and Cumin Development Archives administrated by cumin AdminsLurker (version 2.3)