Path: utzoo!attcan!uunet!husc6!mailrus!cwjcc!hal!ncoast!allbery
From: allbery@ncoast.UUCP (Brandon S. Allbery)
Newsgroups: comp.mail.sendmail
Subject: Re: Non-root sendmail?
Message-ID: <13145@ncoast.UUCP>
Date: 18 Nov 88 22:28:26 GMT
References: <164@heart-of-gold> <3031@haven.umd.edu>
Reply-To: allbery@ncoast.UUCP (Brandon S. Allbery)
Followup-To: comp.mail.sendmail
Organization: Cleveland Public Access UN*X, Cleveland, Oh
Lines: 21

As quoted from <3031@haven.umd.edu> by louie@trantor.umd.edu (Louis A. Mamakos):
+---------------
| sendmail runs as root for the rather obvious reason that it needs to bind
| a socket to a restricted port number (25 == SMTP).  Before sendmail exec()'s
| any processes, it does a setuid() to UID 1, which is daemon.  None of the
| virus processes running on our system ran as root; rather they ran as
| daemon.
+---------------

Is it possible to run sendmail on a UUCP-only system without any setuid, but
instead setgid mail like the System III/V mailer?  What kinds of changes
would it take?  (Note that ncoast will most probably NEVER run any kind of
networking, so there's no reason for us to keep a setuid-root mailer.)

++Brandon
-- 
Brandon S. Allbery, comp.sources.misc moderator and one admin of ncoast PA UN*X
uunet!hal.cwru.edu!ncoast!allbery  <PREFERRED!>	    ncoast!allbery@hal.cwru.edu
allberyb@skybridge.sdi.cwru.edu	      <ALSO>		   allbery@uunet.uu.net
comp.sources.misc is moving off ncoast -- please do NOT send submissions direct
      Send comp.sources.misc submissions to comp-sources-misc@<backbone>.