Subject: Re: OK, so how do we slam shut this sendmail problem once and for all?
To: John Kohl <email@example.com>
From: Simon J. Gerraty <firstname.lastname@example.org>
Date: 08/31/1995 22:24:28
> How difficult would it be to make sendmail run as an unprivileged user?
On a firewall system - not hard at all.
I use smap/smapd to receive smtp from the Internet, and sendmail is
run on the queue.
I'm not sure whether one could craft a message to travel through smap
in such a way that when sendmail is run on it the syslog bug can be
exercised - guess I'll have to give it a try... but if sendmail is
running as nobody and/or chrooted, then not much harm would be done
Now for a general use machine you'd have a lot of work to do.