O'Reilly logo

Sendmail, 3rd Edition by Bryan Costales

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

Name

DefaultUser

Synopsis

The sendmail program can be run as a set-user-id root process (that is, with the permissions of the root, regardless of who runs it, the default prior to V8.12). It can also be run as an ordinary process by an ordinary (nonprivileged) user (that is, with root privilege only if it is run by root). When sendmail is run so that it has root privilege, it must give up that privilege under certain circumstances to remain secure.[18]

When it can’t set its identity to that of a real user, or when it should not (as when writing to files or running programs specified in the aliases file), sendmail sets its gid to that specified by the g option and its uid to that specified by the u option. For V8.7 and later, the DefaultUser option sets both the user and group identities.[19]

When sendmail is running with root privilege and when the F=S delivery agent flag (F=S) is not specified, sendmail changes its owner and group identity to that of an ordinary user in the following circumstances:

  1. If the mail message is forwarded because of a user’s ~/.forward file, and if delivery is via a delivery agent that has the F=o flag set (F=o), sendmail changes its owner and group identity to that of the user whose ~/.forward file was read.

  2. Otherwise, if the mail message is being delivered through an aliases(5) file’s :include: mailing list expansion, and if delivery is via a delivery agent that has the F=o flag set (F=o) or to a file, sendmail changes its owner and group identity to that ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required