> The file modes
>
> MODE = 0711
> SMODE = 4711
>
> in the CONFIG file are the default in the ifmail distribution. Do you mean
> to say that there is a security hole in the ifmail distribution and that the
> author should think about changing the default into something like
>
> MODE = 0710
> SMODE = 4710
Yes, letting execution of ifmail and ifnews to anybody is dangerous on a
multi-user system, as they can by passing the right parameters, force ifcico
to do outgoing calls. That can cost the sysop a lot of money.
I use :
MODE = 0711
SMODE = 4710
Then I add user "fnet" to the "news" group in /etc/group
(fnet being of the uucp group) and I add "U=fnet:uucp" to the definition
of the ifmail mailer in sendmail. This way memebers of the group news can
execute ifmail/ifnews (needed as send-ifmail is run by user news) and for
mail routing it is not possible to bypass the sendmail daemon.
That is not possible to bypass the routing.
--A bientôt, Pablo Saratxaga
~ ~ :wq ;-) PGP Key available, key ID: 0x8F0E4975