Bugtraq mailing list archives

Re: more procmail

From: kragen () POBOX COM (Kragen Sitaker)
Date: Tue, 6 Apr 1999 21:50:03 -0400


Chris Evans writes:

As a comment I would suggest anyone running procmail with elevated
privs either

a) Needs their head examined or
b) Hasn't read the code.


Procmail is generally not useful when running on behalf of the person
who wrote the email it's being given as input.

When it is running on behalf of someone else, which is the usual case,
it has privileges that the sender did not.

In my book, that means it's running with elevated privs.

Common examples of this situation:
- filtering your incoming mail with procmail
- running a mailbox (of mail from other people) through procmail

--
<kragen () pobox com>       Kragen Sitaker     <http://www.pobox.com/~kragen/>
This is exactly how the World Wide Web works: the HTML files are the pithy
description on the paper tape, and your Web browser is Ronald Reagan.
  -- Neal Stephenson, at http://www.cryptonomicon.com/beginning_print.html

Current thread:

More procmail Chris Evans (Apr 05)
- Re: More procmail Philip Guenther (Apr 06)
  - Adobe put Trojan horse in Acrobat. Bob Zoller (Apr 06)
  - Re: More procmail Ricky Connell (Apr 07)
    - Re: More procmail Christopher P. Lindsey (Apr 07)
- <Possible follow-ups>
- Re: more procmail Kragen Sitaker (Apr 06)