I'd like to commit the attached patch for seperating
"daily insecurity reports" via /etc/security from
"daily output" from /etc/daily (using $SECMAILTO).

At the moment, both the daily out and the security output go to
$MAILTO, which defaults to root.

I'd like this seperation so that security reports can go to a wider
audience than daily reports (because most do not wish to read daily
reports with "nothing interesting to report"). Since at the moment
I've tightened down security reports so they are indeed silent most
days except when something interesting happens (I'd like to hear from
people running -current for whom the daily insecurity report produces
daily output that is not filterable via the available security.conf
knobs).

Previously we had this seperation (albeit less flexably) prior
to rev 1.23 in 1997, when the security report always went to root,
but the daily report was configurable via $MAILTO.

Is there any feedback?

--jhawk

--- daily	2003/09/29 06:59:03	1.3
+++ daily	2003/11/18 03:42:28	1.4
@@ -30,6 +30,10 @@
 	MAILTO=root
 fi
 
+if [ -z "$SECMAILTO" ]; then
+	SECMAILTO="$MAILTO"
+fi
+
 echo ""
 echo "Uptime: " `uptime`
 
@@ -238,7 +242,7 @@
 	fi
 	if [ -s "$SECOUT" ]; then
 		mail -s "$host daily insecurity output for $date" \
-		    $MAILTO < "$SECOUT"
+		    $SECMAILTO < "$SECOUT"
 	fi
 fi