[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: mail.local vs. Smail3

To: Louis Bertrand <louis@signalpath.on.ca>
Subject: Re: mail.local vs. Smail3
From: Theo de Raadt <deraadt@cvs.openbsd.org>
Date: Mon, 04 Jan 1999 13:19:51 -0700
cc: OpenBSD Misc List <misc@openbsd.org>

> I would like to make changes to the way OpenBSD delivers and stores mail.
> It's silly and needlessly paranoid to insist that mail.local run as root.
> Instead, the files in the mail spool directory (/var/mail/<user>) should 
> have gid=mail and run mail.local with gid mail and uid nobody (as Smail
> prefers).

Considering all the problems that come from having the spool operate
under another gid (various NFS cooperation issues and such), what are
the supposed security benefits which you see from running the spool as
non-root?

Because, to be honest, I don't see any benefits.

Follow-Ups:
- Re: mail.local vs. Smail3
  - From: Louis Bertrand <louis@signalpath.on.ca>

References:
- mail.local vs. Smail3
  - From: Louis Bertrand <louis@signalpath.on.ca>

Prev by Date: Re: mail.local vs. Smail3
Next by Date: Re: mail.local vs. Smail3
Prev by thread: Re: mail.local vs. Smail3
Next by thread: Re: mail.local vs. Smail3
Index(es):
- Date
- Thread