A few perms oddities:
* /usr/sbin/sendmail is setgid-root as well as setuid. Is there a reason for this?
* Could we o-rx /var/spool/mqueue?
* Can we restrict the use of /usr/bin/mailq to root? I fail to understand why people should know who I'm sending email to.

Setting the permissions on mailq won't help if the user can still run 'sendmail -bp'; to change that requires patching sendmail.

Probably true. mailq is just a symlink to sendmail anyway. However, somewhere along the way (none of the Red Hat boxes I have access to run sendmail :-) newaliases, which is also a symlink, got restricted, so it must be
use restrictrunq and restrictmailq to change sendmail

I think it is good that any user can check the state of the sendmail configuration, so I don't want to change perms.
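
An added example, not part of the original thread or of sendmail itself: a small audit that checks a sendmail.cf for the queue-privacy flags mentioned above (sendmail spells them `restrictmailq` and `restrictqrun` in `PrivacyOptions`) and checks whether the queue directory is open to "other". The file and directory paths are passed as arguments, and the sample files are constructed for the demonstration.

```shell
#!/bin/sh
# Added example: audit sendmail queue privacy (PrivacyOptions + mqueue perms).

# has_flag <sendmail.cf> <flag>: exit 0 if <flag> appears in any
# "O PrivacyOptions=..." line of the given config file.
has_flag() {
    awk -v want="$2" '
        /^O[ \t]*PrivacyOptions[ \t]*=/ {
            sub(/^[^=]*=[ \t]*/, "")
            n = split($0, f, /[ \t,]+/)
            for (i = 1; i <= n; i++) if (f[i] == want) found = 1
        }
        END { exit (found ? 0 : 1) }
    ' "$1"
}

# other_perms <path>: print the "other" permission triplet, e.g. "r-x".
other_perms() {
    ls -ld "$1" | cut -c8-10
}

# audit <sendmail.cf> <queue-dir>: print one WARN line per finding.
audit() {
    cf=$1 qdir=$2
    for flag in restrictmailq restrictqrun; do
        if ! has_flag "$cf" "$flag"; then
            echo "WARN: $flag not set in PrivacyOptions ($cf)"
        fi
    done
    case $(other_perms "$qdir") in
        ---) ;;
        *) echo "WARN: $qdir grants access to other; consider chmod o-rwx" ;;
    esac
}

# Constructed sample input (not taken from a real host).
demo=$(mktemp -d)
printf 'O PrivacyOptions=authwarnings,novrfy,noexpn\n' > "$demo/weak.cf"
printf 'O PrivacyOptions=authwarnings,restrictmailq,restrictqrun\n' > "$demo/hardened.cf"
mkdir "$demo/mqueue" && chmod 755 "$demo/mqueue"
echo "== weak config, world-readable queue =="
audit "$demo/weak.cf" "$demo/mqueue"
chmod 700 "$demo/mqueue"
echo "== hardened config, private queue =="
audit "$demo/hardened.cf" "$demo/mqueue"
rm -rf "$demo"
```

On a real system, pass the host's own sendmail.cf and queue directory to `audit`; the flags cover both `mailq` and `sendmail -bp`, which file permissions on the `mailq` symlink do not.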