paths and permissions
Greg McCann
greg at cambria.com
Fri Feb 27 20:59:04 CET 2004
On 2/27/2004 at 11:25 AM David Relson <relson at osagesoftware.com> wrote:
> uid=1013(linda) gid=502(users) euid=0(root) egid=12(mail)
>groups=502(users)
On my system, I get this (for user account "spamtrap"):
uid=541(spamtrap) gid=541(spamtrap) groups=541(spamtrap)
Security is not my strongest point, so someone please correct me if I'm wrong, but doesn't your "euid=0(root)" mean that the process is running with root privs? The fact that any user can get a procmail process to write to a non-world-writable file on your system seems to confirm this.
Obviously, if a non-root user can run commands as root by placing them in his .procmailrc, this is a Bad Thing.
Greg
More information about the Bogofilter
mailing list