TrustedUser
Alternative to root administration V8.10 and later
Beginning with V8.10, sendmail
has two different types of trusted users. There are
the traditional trusted users defined by the
T configuration
command (and the class $=t), who can set the sender address
using the -f
command-line switch (-f on page
241) without generating warnings, and run
newaliases.
A separate TrustedUser option sets the identity of
the user who can administer
sendmail. If it is set, this
user will own database-map files (such as
aliases) and the control
socket (ControlSocketName on page
990).
The TrustedUser
option is set like this:
O TrustedUser=user ← configuration file (V8.10 and later) -OTrustedUser=user ← command line (V8.10 and later) define(`confTRUSTED_USER',`user') ← mc configuration (V8.10 and later)
The user is either a user
login name (in which case it will be looked up with
the appropriate passwd
technique), or an integer (in which case it will be
used as is as the uid for this
user). If the user is an
unknown or is omitted, an error will result:
readcf: option TrustedUser: unknown user bad nameThere is no default for this option, and the mc configuration technique leaves it undefined by default. See The TrustedUser option (V8.10 and above) on page 176 for a more complete discussion of this option.
The TrustedUser
option is not safe. If it is specified from the
command line, it can cause
sendmail to relinquish its
special privileges.
Get sendmail, 4th Edition now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
