4.6 The aliases File
You can prevent this warning and allow running of disallowed programs and
appending to disallowed files by declaring the DontBlameSendmail option in your mc
configuration file:
define(`confDONT_BLAME_SENDMAIL', `GroupWritableIncludeFileSafe')
This declaration tells sendmail that you consider it safe to append to archive files from
inside :include: files, even when the :include: file is group-writable. The result is
that you have streamlined your department's operation, but you have done so at the
price of security.
The sendmail program is paranoid about group-writable permissions because such
permissions open the door to intrusion by insiders. Group permissions are managed
via the passwd and group files, and :include: files can be silently edited with no
record made about what was done to them. Contrast this approach to one that uses
sudo(8) or a similar program, to manage access to root and other privileges. The
sudo(8) program executes programs (such as an editor to edit an :include: file) with
special permissions (such as root) and logs a record of each command executed.
It is vastly better to keep sendmail's file permissions narrow and to use other security
tools to manage those files. We recommend you never use the DontBlameSendmail
option to loosen permissions. If you think you need to do so, you should review your
overall approach.
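One way to check that :include: files have stayed narrow is to audit them from the aliases text. The script below is an added example, not code from the book or from sendmail; the function names and the sample file names are assumptions, and it inspects only each :include: file itself, not the directories leading to it.

```python
import os
import re
import stat
import tempfile

# Matches :include:/absolute/path entries on the right-hand side of an alias.
INCLUDE_RE = re.compile(r':include:\s*(/[^\s,"]+)')

def include_paths(aliases_text):
    """Return the :include: file paths named in aliases text, skipping comments."""
    paths = []
    for line in aliases_text.splitlines():
        if line.lstrip().startswith("#"):
            continue
        paths.extend(INCLUDE_RE.findall(line))
    return paths

def loose_bits(path):
    """Return which write bits beyond the owner's are set on path."""
    mode = os.stat(path).st_mode
    found = []
    if mode & stat.S_IWGRP:
        found.append("group-writable")
    if mode & stat.S_IWOTH:
        found.append("world-writable")
    return found

def audit(aliases_text):
    """Map each flagged :include: file to its findings; missing files are flagged too."""
    report = {}
    for path in include_paths(aliases_text):
        try:
            bits = loose_bits(path)
        except FileNotFoundError:
            bits = ["missing"]
        if bits:
            report[path] = bits
    return report

if __name__ == "__main__":
    # Constructed sample: two list files in a scratch directory, one loosened.
    with tempfile.TemporaryDirectory() as d:
        safe, loose = os.path.join(d, "staff.list"), os.path.join(d, "dept.list")
        for p, mode in ((safe, 0o644), (loose, 0o664)):
            open(p, "w").close()
            os.chmod(p, mode)
        sample = f"# constructed aliases\nstaff: :include:{safe}\ndept: :include:{loose}\n"
        for path, bits in audit(sample).items():
            print(path, ", ".join(bits))
```

An empty report means no :include: file named in the aliases text is writable by anyone other than its owner.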