Don’t Blame sendmail
In DontBlameSendmail on page 1009, we describe the DontBlameSendmail option, which can be used to allow looser permissions. We mention this option here because its misuse can lead to a weakening of security.
Consider a site where you use group permissions to allow system administrators to edit :include: files, rather than allowing them to do so by becoming root. Note that these mailing lists include archive files—that is, entries that append messages to archive files. Unless you tell sendmail otherwise, it will refuse to run programs listed in such group-writable :include: files, and also refuse to append to any files listed in such :include: files (append to archive files). Every time mail is sent to such a mailing list, sendmail will log the following warning:
/path: group writable :include: file, marked unsafe
You can prevent this warning and allow running of disallowed programs and appending to disallowed files by declaring the DontBlameSendmail option in your mc configuration file:
define(`confDONT_BLAME_SENDMAIL', `GroupWritableIncludeFileSafe')
This declaration tells sendmail that you consider it safe to append to archive files from inside :include: files, even when the :include: file is group-writable. The result is that you have streamlined your department's operation, but you have done so at the price of security.
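As an added audit helper (mine, not code from the book or from sendmail), the script below parses a constructed mc fragment for the confDONT_BLAME_SENDMAIL declaration, pulls the paths out of constructed log lines that carry the warning quoted above, and checks a file's group-write bit, so an administrator can tell whether the warning went away because the modes were tightened or because the check was switched off. The syslog prefix, hostname and paths in the samples are constructed, not real values.

```python
"""Audit whether sendmail's :include: protections were relaxed by configuration."""
import os
import re
import stat
import tempfile

# m4 define() with the backtick/quote quoting used in sendmail mc files.
MC_DEFINE = re.compile(r"define\(`confDONT_BLAME_SENDMAIL',\s*`([^']*)'\)")
# The warning from the text; a real syslog line carries a prefix before the path.
UNSAFE_WARNING = re.compile(r"(\S+): group writable :include: file, marked unsafe")

# Constructed samples (hypothetical host, pid and list path).
SAMPLE_MC = "define(`confDONT_BLAME_SENDMAIL', `GroupWritableIncludeFileSafe')\n"
SAMPLE_LOG = [
    "Jan  1 00:00:01 mx sendmail[1234]: /etc/mail/lists/staff: group writable :include: file, marked unsafe",
    "Jan  1 00:00:02 mx sendmail[1235]: from=<a@example.com>, size=512",
]


def dont_blame_flags(mc_text):
    """Return the set of DontBlameSendmail flags declared in an mc file."""
    flags = set()
    for m in MC_DEFINE.finditer(mc_text):
        flags.update(f.strip() for f in m.group(1).split(",") if f.strip())
    return flags


def unsafe_include_paths(log_lines):
    """Sorted paths of :include: files that sendmail logged as marked unsafe."""
    found = (UNSAFE_WARNING.search(line) for line in log_lines)
    return sorted({m.group(1) for m in found if m})


def group_writable(path):
    """True if the file's mode has the group-write bit set (the condition sendmail warns on)."""
    return bool(os.stat(path).st_mode & stat.S_IWGRP)


def audit(mc_text, log_lines):
    """Pair the config state with the paths the log already flagged."""
    return {
        "include_check_disabled": "GroupWritableIncludeFileSafe" in dont_blame_flags(mc_text),
        "flagged_paths": unsafe_include_paths(log_lines),
    }


def demo_group_writable(mode):
    """Create a scratch file with the given mode and report group_writable() on it."""
    fd, path = tempfile.mkstemp()
    os.close(fd)
    try:
        os.chmod(path, mode)
        return group_writable(path)
    finally:
        os.unlink(path)
```

Running audit() over the real mc file and mail log, then group_writable() over each flagged path, shows whether a list file still needs its mode fixed even though the warning has been silenced.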
The sendmail program is paranoid about group-writable permissions because such permissions open the door to intrusion by insiders. Group permissions ...