paths and permissions
David Relson
relson at osagesoftware.com
Mon Feb 23 17:27:59 CET 2004
On Mon, 23 Feb 2004 11:16:32 -0500
Eric Wood wrote:
> David Relson wrote:
> > -rwsr-sr-x 1 root mail 72536 Jul 11 2003
> > /usr/bin/procmail*
>
> On newer RH's boxes I get:
> -rwxr-xr-x 1 root root 95400 Dec 12 22:54
> /usr/sbin/sendmail.postfix
> -rwxr-sr-x 1 root smmsp 734432 Dec 13 00:15
> /usr/sbin/sendmail.sendmail
> -rwxr-xr-x 1 root mail 80064 Dec 12 23:01
> /usr/bin/procmail
>
> Users can't simply run them get setuid priveleges. I'm really
> suspect of your procmail attributes. Wouldn't that mean any user can
> write a recipe and blow away any file on the system using your
> procmail binary!?
>
> MTA's (ie, postfix and sendmail) do have to run as root (called by
> root) in order to read everyones .foward files.
>
> -Eric Wood
Interesting... postfix isn't setuid, but postdrop, postqueue, and
procmail are.
-rwxr-xr-x 1 root root 57112 Mar 6 2003
/usr/sbin/postfix*
-rwxr-xr-x 1 root root 120024 Mar 6 2003
/usr/sbin/postalias*
-rwsr-sr-x 1 root mail 71608 Feb 23 2002
/usr/bin/procmail*
-rwxr-sr-x 1 root postdrop 81048 Mar 6 2003
/usr/sbin/postdrop*
-rwxr-sr-x 1 root postdrop 72664 Mar 6 2003
/usr/sbin/postqueue*
More information about the Bogofilter
mailing list