Re: [ILUG] email security through procmail

From: Fergal Daly (fergal at domain esatclear.ie)
Date: Mon 29 Mar 1999 - 23:40:48 IST

• Next message: Mel_White/yves-rocher at domain yrnet.com: "[ILUG] RedHat Cert. Study Guidelines"
• Previous message: Mel: "Re: [ILUG] RTE News.."
• Maybe in reply to: Donncha O Caoimh: "[ILUG] email security through procmail"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

At 09:48 29/03/99 +0000, you wrote:
>I spent a good few minutes trying to install the procmail kit from
>ftp://ftp.rubyriver.com/pub/jhardin/antispam/procmail-security.html
>but I keep getting the following error in /var/log/procmail:
>No -e allowed in setuid scripts.
>procmail: Error while writing to " perl -p -e ' #\
>
>etc etc..
>
>I followed the docs by not putting the html-trap.procmail into an
>/etc/procmail/ directory but no luck. Has anyone installed this?

The problem is that perl goes into super paranoid mode when it realises
that the effective uid and the real uid are not the same (ie. it's a setuid
script or in this case procmail has changed it's uid from being root to
being whoever is receving mail). This means that all sorts of check are put
in place and it disallows certain commandline options like -e .

Try adding a -U switch along with the -p and -e this allows perl to do
"Unsafe" things,

Fergal

• Next message: Mel_White/yves-rocher at domain yrnet.com: "[ILUG] RedHat Cert. Study Guidelines"
• Previous message: Mel: "Re: [ILUG] RTE News.."
• Maybe in reply to: Donncha O Caoimh: "[ILUG] email security through procmail"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
• Mail actions: [ respond to this message ] [ mail a new topic ]

This archive was generated by hypermail 2.1.6 : Thu 06 Feb 2003 - 13:04:06 GMT