Hi,
On 6 Feb 2019, at 21:35, Rob Brewer ipfire-devel@grantura.co.uk wrote:
Hi Michael
Michael Tremer wrote:
Hi,
Thanks for sending the patch.
I agree that 503.tape is incorrect, but would say that sendEmail should be owned by root.root and have 755 as permissions.
Why does the script need to become root when it is being executed by nobody? I think that is a security risk.
Because those were the owners and permissions with sendEmail in IPCop and I have an IPCop addon that uses sendEmail to send my firewall logs to Dshield. I dont think a group ID of nobody is essential for this addon though.
No. Please change the patch accordingly and submit again.
Regarding the IPCop add-on: Please do not use sendEmail. It does not do the job.
We have dma, a small mail agent that can be configured over the web-ui. It does proper bounce handling and will try to send the email again in case the first attempt failed. sendEmail doesn’t do that.
The addon based on the IPCop logsend addon been running for the last few months on my IPFire but need a little more work before I can release it here.
(watch this space :) )
Rob
-Michael