Name
DefaultUser
Synopsis
The sendmail program can be run as a set-user-id root process (that is, with the permissions of the root, regardless of who runs it, the default prior to V8.12). It can also be run as an ordinary process by an ordinary (nonprivileged) user (that is, with root privilege only if it is run by root). When sendmail is run so that it has root privilege, it must give up that privilege under certain circumstances to remain secure.[18]
When it can’t set its identity to that of a real
user, or when it should not (as when writing to files or running
programs specified in the aliases file),
sendmail sets its gid to
that specified by the g option and its
uid to that specified by the
u option. For V8.7 and later, the
DefaultUser option sets both the user and group
identities.[19]
When sendmail is running with
root privilege and when the
F=S delivery agent flag (F=S) is not specified,
sendmail changes its owner and group identity to
that of an ordinary user in the following circumstances:
If the mail message is forwarded because of a user’s ~/.forward file, and if delivery is via a delivery agent that has the
F=oflag set (F=o), sendmail changes its owner and group identity to that of the user whose ~/.forward file was read.Otherwise, if the mail message is being delivered through an aliases(5) file’s
:include:mailing list expansion, and if delivery is via a delivery agent that has theF=oflag set (F=o) or to a file, sendmail changes its owner and group identity to that ...
Get Sendmail, 3rd Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
