[CentOS] Re: sendmail aliases

Brent L. Bates blbates at vigyan.com
Wed Apr 2 17:23:02 UTC 2008


     The excuse given for removing the automatic update of the aliases
database file was that it was a security issue.  The thought was that someone
could tapper with the file and cause problems.  However, all these files are
checked for proper file permissions and if they are not set correctly,
sendmail will not work or at least give a warning.  If someone nasty has
permission to change the aliases text file, then they have permission to reck
a lot more havoc on your system anyways and this change isn't going to help
any.

     Personally, having sendmail do it itself is safer than me doing it
manually.  What if I'm in the process of updating the file at the same moment
sendmail needs it.  Sendmail could read a partial file and cause more
problems.  I see this already with the access file.  With sendmail doing it on
it's own, I don't have to worry about it.  It will update it when it needs to.



More information about the CentOS mailing list