Josip Rodin <[EMAIL PROTECTED]> writes: > On Mon, Mar 17, 2008 at 09:56:52PM -0700, Russ Allbery wrote:
>> I don't know what the original Debian rationale was, but the >> traditional UNIX rationale for group-writable user mail spools is so >> that you don't have to run your mail system as root and can instead run >> it as some other user in group mail. >> However, everyone seems to have given up on that or at least uses a >> setuid-root MDA, so I'm not sure it's serving any real purpose at this >> point. > Or they don't use root at all for the MDA, instead setuid'ing to the > user itself. See also #405584. In order to deliver mail as the user, *something* has to be either running as root or setuid. That's basically my point. Group-writable mail spools allow the entire mail delivery chain to never run as root (with the possible exception of binding to port 25 if you want to accept incoming SMTP traffic), as long as you don't care about forwarding to programs. I don't know if we care about supporting this, though. -- Russ Allbery ([EMAIL PROTECTED]) <http://www.eyrie.org/~eagle/> -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
