Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!think.com!samsung!munnari.oz.au!cs.mu.OZ.AU!cs.mu.oz.au!kre
From: kre@cs.mu.oz.au (Robert Elz)
Newsgroups: comp.mail.sendmail
Subject: Re: inappropriate checks when mailing to a file
Message-ID:
Date: 21 May 91 22:24:58 GMT
References: <1232@nikhefh.nikhef.nl> <1991May14.044620.18159@mp.cs.niu.edu> <1991May15.220551.4472@uai.com> <1991May16.115422.22361@mp.cs.niu.edu>
Sender: news@cs.mu.OZ.AU
Organization: Comp Sci, University of Melbourne, Australia
Lines: 15

rickert@mp.cs.niu.edu (Neil Rickert) writes:

>With your comment "I don't see the benefit" I presume your point is that
>as root, it can automatically deliver. That is true.

Is it really? I think you'll find that if the setuid bit isn't
set on the file, then sendmail changes to either the user ID of the
user who sent the mail (for local mail) or its default user ID
(often daemon) to access the file.

In practice, a file needs to be setuid, or 666 mode, to work
as a destination for mail. It can't have execute permission
(sendmail won't write to it if it does), so the setuid is
harmless.

kre
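
The rule described in the post above, written out as an added example for auditing file destinations; it is not part of the original post and is not sendmail's code. The function names, the `DAEMON_UID` value and the sample modes are assumptions, and group permissions are left out of the model.

```python
import os
import stat

DAEMON_UID = 1  # assumed default uid; the post only says "often daemon"

def classify(mode, owner_uid, sender_uid=DAEMON_UID):
    """Apply the rule as the post states it (a model, not sendmail's source).

    sender_uid is the uid the write happens as when the file is not setuid:
    the sending user for local mail, otherwise the default uid.
    Returns (verdict, reason) with verdict in {"deliver", "refuse", "fail"}.
    """
    # Any execute bit means the file is never written to.
    if mode & (stat.S_IXUSR | stat.S_IXGRP | stat.S_IXOTH):
        return ("refuse", "execute bit set")
    # Setuid file: write as its owner. Otherwise: as the sender or default uid.
    uid = owner_uid if mode & stat.S_ISUID else sender_uid
    if uid == owner_uid and mode & stat.S_IWUSR:
        return ("deliver", "written as owner uid %d" % uid)
    if mode & stat.S_IWOTH:
        return ("deliver", "world-writable, so any local user can modify it too")
    return ("fail", "uid %d cannot write" % uid)

def audit(path, sender_uid=DAEMON_UID):
    """Classify a real file destination, e.g. one named in an aliases file."""
    st = os.stat(path)
    return classify(st.st_mode, st.st_uid, sender_uid)

if __name__ == "__main__":
    # Constructed sample: (label, mode, owner uid), mail arriving as DAEMON_UID.
    samples = [
        ("setuid 4600", stat.S_IFREG | 0o4600, 1000),
        ("mode 666", stat.S_IFREG | 0o666, 1000),
        ("mode 644", stat.S_IFREG | 0o644, 1000),
        ("setuid + exec 4755", stat.S_IFREG | 0o4755, 1000),
    ]
    for label, mode, owner in samples:
        print("%-20s %s" % (label, classify(mode, owner)))
```

Of the two modes that deliver for arbitrary senders, the setuid 4600 file stays writable only by its owner, while the 666 file is open to every local account.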