Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!usc!elroy.jpl.nasa.gov!swrinde!mips!pacbell.com!att!linac!mp.cs.niu.edu!rickert
From: rickert@mp.cs.niu.edu (Neil Rickert)
Newsgroups: comp.mail.sendmail
Subject: Re: inappropriate checks when mailing to a file
Message-ID: <1991May16.115422.22361@mp.cs.niu.edu>
Date: 16 May 91 11:54:22 GMT
References: <1232@nikhefh.nikhef.nl> <1991May14.044620.18159@mp.cs.niu.edu> <1991May15.220551.4472@uai.com>
Organization: Northern Illinois University
Lines: 23

In article <1991May15.220551.4472@uai.com> mrl@uai.com (Mark R. Ludwig) writes:
>Having no access to sendmail sources, I have to ask: what does it mean
>to use the uid of the file owner if the file isn't executable?  Do you
>mean that sendmail changes to that uid before trying to deliver the
>mail into the file?  If sendmail is root in the first place, I don't
>see the benefit.$$

  That is exactly what it means.  For delivery to such a file, sendmail
changes uid to the file's owner before attempting do deliver to the file.

  With your comment "I don't see the benefit" I presume you point is that
as root, it can automatically deliver.  That is true.  But there may be
reasons which would prevent the owner from writing to that file, and
sendmail should observe those.  For example the system might support some
weird form of file locking which root would automatically override.
For a specific case, root can override disk quotas, but the file owner
cannot.  Changing to the file owner is just good programming.

-- 
=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=*=
  Neil W. Rickert, Computer Science               <rickert@cs.niu.edu>
  Northern Illinois Univ.
  DeKalb, IL 60115                                   +1-815-753-6940