Bugtraq mailing list archives
sendmail 8.8.3 and DefaultUser and RunAsUser
From: mikedoug () texas net (Michael Douglass)
Date: Tue, 3 Dec 1996 14:48:41 -0600
Question on sendmail 8.8.3 (and probably 8.8.[12]): If you set: DefaultUser to 99:6 RunAsUser to 99 Sure, sendmail does this... But it does *NOT* reset the group list!!!
From Solaris 2.5.1 you can see the process credentials using
/usr/proc/pcreds. Anyone? (root) # ps -aef |fgrep sendmail smtpuser 3200 3199 0 13:53:17 ? 0:00 /usr/lib/sendmail -bd -q1h root 3199 1 0 13:53:16 ? 0:00 /usr/lib/sendmail -bd -q1h (root) # /usr/proc/bin/pcred 3200 3200: e/r/suid=99 e/r/sgid=6 groups: 1 0 2 3 4 5 6 7 8 9 12 (root) # /usr/proc/bin/pcred 3200 3199: e/r/suid=0 egid=6 rgid=1 sgid=6 groups: 1 0 2 3 4 5 6 7 8 9 12 This one is not too terribly important; it listens on the socket; when it gets a connection it does the setuid/gid and handles the connection. But the group list remains the same and that should not (IMHO) occur in that manner. Comments? Michael Douglass Texas Networking, Inc. "Love does not consist in gazing at each other but in looking together in the same direction." Antoine de Saint-Exupery: Wind, Sand, and Stars, ch. 8 (1939).
Current thread:
- sendmail 8.8.3 and DefaultUser and RunAsUser Michael Douglass (Dec 03)
- <Possible follow-ups>
- Re: sendmail 8.8.3 and DefaultUser and RunAsUser Pauline van Winsen - Uniq Professional Services (Dec 03)