Re: auditing procmail?

Wednesday, 23 February 2005

...
 > Anybody have any good ideas on what should happen for auditing
and loginuid
 > when Sendmail invokes procmail as a delivery agent, and we're running
 > essentially arbitrary code as the user from their .procmailrc?  My gut
 > feeling is that this *should* act just like a cron job for auditing
 > purposes, but the sendmail/procmail interface isn't in the least PAM-ified,
 > so we can't just toss in a 'session required pam_audit.so'...

 Yes, this is ugly. If the audit context can't be set appropriately this
 functionality needs to be disabled for the CC evaluated configuration,
 for example by setting "allow_mail_to_commands" in the case of postfix
 (see the local(1) man page).

 Does anyone plan to add this functionality to the MTA? 
Probably shouldn't be the MTA, but the MDA (procmail).

There is a great deal of disagreement between many people (including me) 
and Vietse, who thinks that the MTA shall setuid(), thereby making 
decisions that may easily be out of its scope.

Looks like both procmail and postfix need to be pam'ified.

R.

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

2005

2004

Re: auditing procmail?