Subject: Re: sendmail's aliases.db distribution
To: None <itojun@iijlab.net>
From: Tim Rightnour <root@garbled.net>
List: tech-userlevel
Date: 08/19/2000 08:38:31
On 18-Aug-00 itojun@iijlab.net wrote:
>         stock sendmail had a flag to do this (AutoRebuildAliases), but is
>         deprecated for security reasons (DoS attack with non-writable
>         /etc/aliases.db file, i suppose) and will be removed in the future.
>         so i think we should not take this route.

I really don't want it to autorebuild aliases all the time.  I was just looking
for some way to put a special file in there that could trigger it "one time
only" so to speak.

What I really don't want to see, is sendmail rebuilding the alias file every
time on boot, just so we don't have to build that db file.  Perhaps rc.sendmail
could do something like:

if sendmail=yes && aliases.db is zero byte rebuild.  Otherwise, leave it alone
and assume the admin knows what he is doing.

---
Tim Rightnour <root@garbled.net>
NetBSD: Free multi-architecture OS http://www.netbsd.org/
NetBSD Mailing lists on the web: http://mail-index.netbsd.org/