On Thu, Dec 18, 2008 at 5:27 AM, Steve Grubb <sgrubb(a)redhat.com> wrote:
We ran into a problem doing the LSPP evaluation with regards to
email. Of all
the packages listed, the only one that really mattered for security was cron.
So, what we did was patched cron to be able to take an argument, -m, to
define the mail delivery agent. It could be a shell script, procmail, or
anything you wanted to take the cron output and move it into the local spool
dir. Would using this solve the problems being debated here? (And since cron
can take a mail agent argument, it should not have a hard requirement for
sendmail.)
How would you expose the option to use the argument for a local admin?
Having them edit the service file in init.d seems inappropriate. Would
you expose it in an etc/sysconfig/ file to be parsed at service
script start?
-jef