GSoC 2008 dma enhancements

Matthew Dillon dillon at apollo.backplane.com
Tue Jun 3 09:43:43 PDT 2008


:> In order to read a user's .forward file, the dma-process must be run as
:> root, so it must be set setuid root. This would solve the problem
:> which I read on the mailing list last week, where it was not
:> possible to write a mail from non-root to non-root ootb.
:
:If all stuff is carefully written, I'm fine with dma setuid root, but IIRC
:someone (Simon? Matt?) mentioned that they would prefer another
:mechanism ...

    Which would be to write a local delivery utility which is suid-root
    instead of making dma suid-root.  Maybe call it 'dma_deliver' or
    something.

    There are various ways the utility could then interact with DMA,
    but primarily it would simply drop privs, take the mail message
    from DMA, deliver it via the .forward file, and return status to
    DMA indicating a successful delivery.

:Yeah, dma should not listen on any outgoing port.  If we would go that
:way we'll end up with the same problems the big ones[tm] aka sendmail,
:postfix etc have to deal with :)
 
    It would almost be a separate project.  Certainly a separate program.
    There is no need to build everything into one dma executable.

					-Matt
					Matthew Dillon 
					<dillon at backplane.com>
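
The privilege drop and status return described in the message above, sketched as an added example; it is not code from the original post or from the dma project. The function names, the use of sysexits(3) codes as the status returned to dma, and the recipient name passed as argv[1] are assumptions made for illustration.

```c
#define _DEFAULT_SOURCE          /* glibc: expose setgroups() */
#include <sys/types.h>
#include <grp.h>
#include <pwd.h>
#include <stddef.h>
#include <sysexits.h>
#include <unistd.h>

/* Permanently become uid/gid. Returns 0 on success, -1 on any failure. */
int drop_privs(uid_t uid, gid_t gid)
{
    if (uid == 0)
        return -1;               /* staying root is not a drop */
    /* Order matters: groups, then gid, then uid. Once the uid is gone,
     * the group changes are no longer permitted. A caller that is not
     * root has no extra groups to shed, so setgroups() is skipped. */
    if (geteuid() == 0 && setgroups(1, &gid) != 0)
        return -1;
    if (setgid(gid) != 0 || setuid(uid) != 0)
        return -1;
    /* Verify: root must be unreachable and every id must match. */
    if (setuid(0) == 0 || seteuid(0) == 0)
        return -1;
    if (getuid() != uid || geteuid() != uid ||
        getgid() != gid || getegid() != gid)
        return -1;
    return 0;
}

/* Look up the recipient and take on their identity before anything
 * touches ~/.forward or the message. Returns a sysexits(3) status
 * (assumed convention for reporting back to dma). */
int become_recipient(const char *user)
{
    struct passwd *pw = getpwnam(user);
    if (pw == NULL)
        return EX_NOUSER;
    if (drop_privs(pw->pw_uid, pw->pw_gid) != 0)
        return EX_TEMPFAIL;      /* leave the mail queued, retry later */
    return EX_OK;
}

int main(int argc, char **argv)
{
    if (argc != 2)
        return EX_USAGE;
    /* .forward handling and delivery would follow here, unprivileged. */
    return become_recipient(argv[1]);
}
```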