[ale] sendmail using real rather than effective user ID

Lightner, Jeff JLightner at water.com
Thu Aug 11 13:14:58 EDT 2011 

No - SELinux is disabled.

________________________________
From: ale-bounces at ale.org [mailto:ale-bounces at ale.org] On Behalf Of Jim Kinney
Sent: Wednesday, August 10, 2011 7:25 PM
To: Atlanta Linux Enthusiasts
Subject: Re: [ale] sendmail using real rather than effective user ID

Is selinux active? It always keeps the real ID of the user intact even through multiple layers of su.
On Wed, Aug 10, 2011 at 4:39 PM, Lightner, Jeff <JLightner at water.com<mailto:JLightner at water.com>> wrote:
On a couple of recently loaded servers including a RHEL6 I found that Sendmail is sending emails generated by root processes using my real user ID rather than root's ID.

These root processes were started from command line after I did "sudo su -" to become root.   The processes definitely show root as the user running them.   The sudo man page says that when one switches to another user both real and effective user ID are set to the new user which seems to be born out by the "id" command.   However, if I run "who am i" and "whoami" I'm seeing my real user id (the one I was before doing the sudo su) and effective ID.   However, this is also true on my RHEL5 boxes.

Did something change in Sendmail where it is detecting the underlying user somehow?   On my RHEL5 boxes the email goes out just fine as root@ after a sudo su -.





__________________________________________________________________________________________
Jeff Lightner | UNIX/Linux Administrator | DS Waters of America, Inc | 5660 New Northside Drive, Ste 250 | Atlanta, GA 30328
*: (Direct Dial) 678-486-3516<tel:678-486-3516> |*: (Cell) 678-772-0018<tel:678-772-0018> |  *:jlightner at water.com<mailto:jlightner at water.com>







Proud partner. Susan G. Komen for the Cure.

 Please consider our environment before printing this e-mail or attachments.
----------------------------------
CONFIDENTIALITY NOTICE: This e-mail may contain privileged or confidential information and is for the sole use of the intended recipient(s). If you are not the intended recipient, any disclosure, copying, distribution, or use of the contents of this information is prohibited and may be unlawful. If you have received this electronic transmission in error, please reply immediately to the sender that you have received the message in error, and delete it. Thank you.
----------------------------------



_______________________________________________
Ale mailing list
Ale at ale.org<mailto:Ale at ale.org>
http://mail.ale.org/mailman/listinfo/ale
See JOBS, ANNOUNCE and SCHOOLS lists at
http://mail.ale.org/mailman/listinfo



--
--
James P. Kinney III

As long as the general population is passive, apathetic, diverted to consumerism or hatred of the vulnerable, then the powerful can do as they please, and those who survive will be left to contemplate the outcome.
- 2011 Noam Chomsky

http://heretothereideas.blogspot.com/
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://mail.ale.org/pipermail/ale/attachments/20110811/45b7df5d/attachment-0001.html

More information about the Ale mailing list