Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!think.com!spool.mu.edu!uunet!uaisun4!mrl
From: mrl@uai.com (Mark R. Ludwig)
Newsgroups: comp.mail.sendmail
Subject: Re: inappropriate checks when mailing to a file
Message-ID: <1991May15.220551.4472@uai.com>
Date: 15 May 91 22:05:51 GMT
Article-I.D.: uai.1991May15.220551.4472
References: <1232@nikhefh.nikhef.nl> <1991May14.044620.18159@mp.cs.niu.edu>
Sender: mrl@uai.com (Mark R. Ludwig)
Reply-To: mrl@uai.com (Mark R. Ludwig)
Organization: Universal Analytics, Inc., Playa del Rey (LA), CA
Lines: 15
In-Reply-To: rickert@mp.cs.niu.edu (Neil Rickert)

In article <1991May14.044620.18159@mp.cs.niu.edu> Neil Rickert writes:
>At least in recent versions of sendmail there is another option.  Simply
>do:  chmod 4600 /path/to/file
>and since the 'suid' bit is on, but no 'x' bit is on, sendmail uses the
>uid of the file owner.

Having no access to sendmail sources, I have to ask: what does it mean
to use the uid of the file owner if the file isn't executable?  Do you
mean that sendmail changes to that uid before trying to deliver the
mail into the file?  If sendmail is root in the first place, I don't
see the benefit.$$
-- 
INET: mrl@uai.com       UUCP: uunet!uaisun4!mrl       PSTN: +1 213 822 4422
USPS: 7740 West Manchester Boulevard, Suite 208, Playa del Rey, CA  90293
WANT: Succinct, insightful statement to occupy this space.  Inquire within.