HPE Community
Operating System - HP-UX
1847213 Members
2049 Online
110263 Solutions
New Discussion

Re: non-root user / sendmail

 
Nobody's Hero
Valued Contributor

‎01-10-2008 05:24 AM

‎01-10-2008 05:24 AM

non-root user / sendmail

Ok, yes, I have posted a lot of questions about this topic.
I have almost accomplished allowing a non-root user have access to /etc/mail and the logs by creating groups.

Now the problem is, they need to be able to more or cat the actual file that is in the mail queue.
On my system they are all owned by
rw------- root:smtp

The problem is, files are created and processed all the time as the above perms.

1) can I change the umask on how these files are being created to rw-rw---- and add the users to the smtp group?

2) any other suggestions how I can allow people to look at these files?

IM STUCK. Been working on it for a week.
UNIX IS GOOD
0 Kudos
Reply
2 REPLIES 2
Steven E. Protter
Exalted Contributor

‎01-10-2008 05:37 AM

‎01-10-2008 05:37 AM

Re: non-root user / sendmail

Shalom Hero.

1) You don't change umask on files. You change umask in the user environment that creates the files. In this case that would be sendmail, which is specifically configured for anti-spam reasons to prevent you from doing what you want to do. Also note that merely creating a file in the queue does not guarantee it will be processed. It needs a unique serial number to work right.

2) Copy them someplace that does not compromise security and then run chmod on them.

SEP
Steven E Protter
Owner of ISN Corporation
http://isnamerica.com
http://hpuxconsulting.com
Sponsor: http://hpux.ws
Twitter: http://twitter.com/hpuxlinux
Founder http://newdatacloud.com
0 Kudos
Reply
Zeev Schultz
Honored Contributor

‎01-10-2008 05:44 AM

‎01-10-2008 05:44 AM

Re: non-root user / sendmail

Well,setting SGID is a possibility. I've seen it in sendmails/SECURITY file on Linux so it can possibly work with HPUX.

Source: http://www.sendmail.org/security/secure-install.php
So computers don't think yet. At least not chess computers. - Seymour Cray
0 Kudos
Reply
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.