Re: Permissions and delivery of LAN email by exim
On 2019-08-16, Greg Wooledge <wooledg@eeg.ccf.org> wrote:
> On Fri, Aug 16, 2019 at 02:20:09PM -0500, David Wright wrote:
>> AIUI exim should be able to deliver emails into a user's mbox, but
>> I'm confused about how exim is meant to do that, because it runs as
>> user Debian-exim, but mailbox permissions are normally group:mail.
>
> I don't know much about exim4, but:
>
> -rwsr-xr-x 1 root root 1241412 Jul 20 07:35 /usr/sbin/exim4
>
> That setuid bit means it *can* become you in order to deliver a message
> to your inbox.
>
That's exactly what the docs say is supposed to happen:
Local message deliveries are normally run in processes that are setuid
to the recipient, and remote deliveries are normally run under Exim’s
own uid and gid.
--
“We are all in the gutter, but some of us are looking at the stars.”
― Oscar Wilde, Lady Windermere's Fan
Reply to: