Some we have discussed already. We touch on a few more in this
section, and provide a recommended setting where appropriate. For a full description
of each, see the sections referenced.
4.8.2.1 The DefaultUser option
The DefaultUser option (?§24.9.32 on page 1000) can be used to ensure that the
default identity (when it is not running as root) is a safe one. CERT recommends that
you create a pseudouser whose uid and gid are used nowhere on your system, and
then define the DefaultUser option to be that pseudouser. As an additional precaution,
make sure that pseudouser lacks a valid shell and has no valid home directory:
mailnull:*:32765:32765:Sendmail Default User:/no/such/directory:/bin/false
At the same time, set up a group entry for this user??™s group:
mailnull:*:32765:
This is necessary if you want to refer to this group symbolically at some later time.
This is also recommended to avoid the risk of someone else reusing that group ID for
another purpose in the future.
This is the Title of the Book, eMatter Edition
Copyright ?© 2007 O??™Reilly & Associates, Inc. All rights reserved.
176 | Chapter 4: Maintain Security with sendmail
Avoid using the name nobody, because root is mapped to nobody over NFS. If root
were to create a file over NFS that it thought was safe because root owned it and
because it was readable only by root, that root user would be surprised to find that
file owned by nobody.
Pages:
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340