Running Scripts (Or Calling Sendmail) As A Different User?

Anonymous Monk has asked for the wisdom of the Perl Monks concerning the following question:

I'm trying to use sendmail (with the -f to set the return-path), but because "nobody" is calling the script and thus, calling sendmail, sendmail receives this "must be authorized" action from "nobody".

Doh.

X-Authentication-Warning: [mailserver]: nobody set sender to
[email address] using -f
[download]

How do you allow a script (Perl/CGI) (or more secure, sendmail only) to run as a different and more authorized user?

Thanks

Comment on Running Scripts (Or Calling Sendmail) As A Different User? Download Code

Replies are listed 'Best First'.
Re: Running Scripts (Or Calling Sendmail) As A Different User? by merlyn (Sage) on Nov 26, 2000 at 21:09 UTC
You have a few options: permit `nobody` to set `-f` (best) use something like Net::SMTP to relay your first hop instead of using sendmail directly; then you have control over every header create a setuid script (or wrapper) set to a user who can issue the `-f`, but I presume this will be some "super" user, so that makes this the least favorite of the choices presented here -- Randal L. Schwartz, Perl hacker	[reply]
Re: Running Scripts (Or Calling Sendmail) As A Different User? by Fastolfe (Vicar) on Nov 26, 2000 at 23:11 UTC
This should just be a warning. The envelope sender should become the user you specified (thus affecting the value of the Return-Path header), it's just that this warning header should be added along with it. If the script on the other end is just looking for a Return-Path header, this should still work fine. It almost sounds like you're trying to forge an e-mail message in such a way that the user reading it (because it still seems weird for a script to rely on the Return-Path header, and I've never heard of one making a fuss over the presence of an X-Authentication-Warning one) doesn't know...	[reply]