[cyr]deliver, executed as <user>, should have <user>'s permissions
ms419 at freezone.co.uk
ms419 at freezone.co.uk
Tue Apr 6 05:27:34 EDT 2004
Trying to do mail filtering to cyrus imapd using procmail instead of
sieve. I'm putting "| [cyr]deliver -m blah-folder" into my
"~/.procmailrc", instead of the global "/etc/procmailrc"; this fails:
"couldn't connect to lmtpd: Permission denied_ procmail: Program
failure (75) of "/usr/sbin/cyrdeliver" )" I suspect this is because
[cyr]deliver is executed as my user, instead of "root.mail" - as it
should be, or any command could be run as root from "~/.procmailrc"
How do others get around this?
It occurred to me to make [cyr]deliver suid ... The problem I then see
is that any user could deliver to any other user's mailbox -
circumventing filtering, etc. Fundamentally, what I'd like is to
authenticate to [cyr]deliver such that those users permitted to post to
a mailbox (and root) could deliver messages to it ... Is this possible,
or provably a bad idea?
Thanks,
Jack
---
Home Page: http://asg.web.cmu.edu/cyrus
Wiki/FAQ: http://cyruswiki.andrew.cmu.edu
List Archives/Info: http://asg.web.cmu.edu/cyrus/mailing-list.html
More information about the Info-cyrus
mailing list