On Mon, Apr 16, 2001 at 10:37:54PM -0700, Igor Pruchanskiy wrote:
> So looks like qmail's advantage of non-root thing is not an advantage anymore, is it
>? :))
qmail's security advantage (among many others, IMHO!) is not only that
it doesn't run as root: it's that each piece runs as a distinct user
(that's not root).
In other words, if you compromise the SMTP program, you still have no
access to the queue, because the user that the SMTP program runs as has
no access to the queue.
Sendmail is still one big nasty thing and if you compromise its user,
you have access to all mail things. Admittedly, /much/ better than
having access to the whole machine, but still not the same as what qmail
offers.
qmail fan,
Tim
