Re: crashme crashes 2.0.20 with guarantee :-(

Boris Tobotras (tobotras@jet.msk.su)
Fri, 27 Sep 1996 14:55:04 +0400


On 26 Sep 1996 00:01:12 +0200, Olaf Titz wrote:

> > But this should not result in kernel panic. Ancient unixish
> > design requires running many programs with root privileges,

> So let's overcome the ancient designs... (that's _application_, not
> kernel design)

It _is_ kernel design, sorry. sendmail _must_ run as root, at least
for two reasons: first, it have to have root privileges to bind to smtp
port. (This can be fixed by partial redesign, something like

chgrp inetd /sbin/inetd
chown mail /sbin/sendmail
chown mail.inetd /dev/socket/tcp/smtp )

Second is much worse: I definitely want to keep current ability for
sendmail to run programs on behalf on me (via .forward), and I don't see an
easy way to enable this without having root privs.

Of course, in particular case of sendmail program can be split into
several, but this will make hole smaller, not eliminating it at all...

--
	Best regards, -- Boris.