[CentOS] Re: sendmail aliases

Wed Apr 2 17:23:02 UTC 2008
Brent L. Bates <blbates at vigyan.com>

     The excuse given for removing the automatic update of the aliases
database file was that it was a security issue.  The thought was that someone
could tapper with the file and cause problems.  However, all these files are
checked for proper file permissions and if they are not set correctly,
sendmail will not work or at least give a warning.  If someone nasty has
permission to change the aliases text file, then they have permission to reck
a lot more havoc on your system anyways and this change isn't going to help

     Personally, having sendmail do it itself is safer than me doing it
manually.  What if I'm in the process of updating the file at the same moment
sendmail needs it.  Sendmail could read a partial file and cause more
problems.  I see this already with the access file.  With sendmail doing it on
it's own, I don't have to worry about it.  It will update it when it needs to.