Re: [exim-dev] user file write permissions

Top Page
Delete this message
Reply to this message
Author: Jeremy Harris
Date:  
To: exim-dev
Subject: Re: [exim-dev] user file write permissions
On 24/04/2023 02:43, exim--- via Exim-dev wrote:
> I am curious as to how exim writes to a users home directory. I have done a lot of searching and could not find anything specific.
>
> as exim runs as an unprivileged user as far as I can tell it has no rights to modify a users home folder, yet it does.
>
> What part of the puzzle am I missing?


Traditional installations of Exim have the binary as setuid root.
Given that, it can set it's UID to the user's when needing to
deliver to file.

It runs for most of the time at non-root (eg. an "exim" user), to reduce
the security footprint, and re-execs to regain root at transport time.
--
Cheers,
Jeremy