Subject: Re: OK, so how do we slam shut this sendmail problem once and for all?
To: John Kohl <firstname.lastname@example.org>
From: Perry E. Metzger <email@example.com>
Date: 08/31/1995 04:22:21
John Kohl writes:
> I'm getting tired of new-and-different sendmail holes arriving every so
> How difficult would it be to make sendmail run as an unprivileged user?
That wouldn't have fixed the problem that just popped up -- it was
really a syslog(3) problem.
> Give it rights to deliver mail locally (through a privileged delivery
> agent which can be many fewer lines of code and easier to audit), throw
> it in a chroot-ed environment, and don't let it out of its cage.
> That should reduce the potential exposure to just destroying/stealing
> local mailboxes. Can folks live without .forward files piping mail to
> an agent and/or other random-execution paths?
People talk about this sort of thing all the time. In general, I'd say
its a good idea, but truly I think a lot more ought to be fixed at the