Name
F=S
Synopsis
There are three major ways in which
sendmail can be run:[33]
as a set-user-id root
process (that is, with the permissions of root
regardless of who runs it), as a root process
because it was run by root, or as an ordinary
process run by an ordinary (nonprivileged) user. When
sendmail is running with
root privilege and when the
F=S delivery agent flag is specified for a
delivery agent, sendmail
always invokes that delivery agent as the
effective user and effective group specified by the
U= delivery agent equate.[34] If the
U= delivery agent equate is unspecified or is
specified as zero, it runs as the effective user
root. In both instances, the real user and real
group IDs remain those of the recipient.
If the F=S flag is omitted from the delivery
agent, the following scenarios occur:
If delivery is to a file, and if the set-user-id bit is set in the file’s permission bits, and if the execute-bit is not set, sendmail sets its user and group identities to those of the owner and group of the file.
Otherwise, if the set-user-id bit is not set, or if deliver is not to a file, and if there is a controlling user (C line) for the address, sendmail sets its identity to that of the controlling user for delivery.
Otherwise, if the user or group part of the
U=delivery agent equate was missing or 0, sendmail assumes the identity of theDefaultUseroption (DefaultUser).Otherwise, sendmail assumes the identity of the
U=delivery agent equate.
If it fails to set its identity, ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
