Date: Fri, 14 Apr 1995 05:51:14 -0500 (CDT) From: Mike Pritchard <pritc003@maroon.tc.umn.edu> To: ache@freefall.cdrom.com (Andrey A. Chernov) Cc: freebsd-security@FreeBSD.org Subject: Re: cvs commit: src/usr.sbin/cron/cron Makefile do_command.c bitstring.3 bitstring.h Message-ID: <199504141051.FAA11038@mpp.com> In-Reply-To: <199504132058.NAA27172@freefall.cdrom.com> from "Andrey A. Chernov" at Apr 13, 95 01:58:16 pm
next in thread | previous in thread | raw e-mail | index | archive | help
Ok, here is a fix for all of the currently known cron problems that
also allows the user to set MAILTO to anything they please. This
is done by calling sendmail with "-t" to tell it to read the recipient
list from the mail header. The argument given with MAILTO is not passed
on the command line, thus making it impossible for the user to spoof
sendmail in anyway (unless someone knows how to do it by mucking with
the "To:" line in the mail header).
I hope that this fix will make everyone happy.
-Mike
*** orig/config.h Fri Apr 14 05:29:20 1995
--- ./config.h Fri Apr 14 05:28:33 1995
***************
*** 42,51 ****
*/
#define MAILCMD _PATH_SENDMAIL /*-*/
! #define MAILARGS "%s -FCronDaemon -odi -oem %s" /*-*/
/* -Fx = set full-name of sender
* -odi = Option Deliverymode Interactive
* -oem = Option Errors Mailedtosender
*/
/* #define MAILCMD "/bin/mail" /*-*/
--- 42,52 ----
*/
#define MAILCMD _PATH_SENDMAIL /*-*/
! #define MAILARGS "%s -FCronDaemon -odi -oem -t" /*-*/
/* -Fx = set full-name of sender
* -odi = Option Deliverymode Interactive
* -oem = Option Errors Mailedtosender
+ * -t = read recipient from header of message
*/
/* #define MAILCMD "/bin/mail" /*-*/
*** orig/do_command.c Fri Apr 14 05:26:55 1995
--- ./do_command.c Fri Apr 14 05:40:02 1995
***************
*** 94,128 ****
*/
usernm = env_get("LOGNAME", e->envp);
mailto = env_get("MAILTO", e->envp);
- if (mailto != NULL && *mailto) {
- char *head, *next;
- int address_found = 0;
-
- head = mailto;
- while (isspace(*head))
- head++;
- for ( ; (next = strpbrk(head, " \t")) != NULL; head = next) {
- next++;
- while (isspace(*next))
- next++;
- address_found = 1;
- if (*head == '-') {
- mailto = NULL;
- break;
- }
- }
- if (mailto != NULL && *head) {
- address_found = 1;
- if (*head == '-')
- mailto = NULL;
- }
- if (!address_found)
- mailto = "";
- if (mailto == NULL) {
- log_it("CRON",getpid(), usernm, "attempts to crack");
- exit(ERROR_EXIT);
- }
- }
#ifdef USE_SIGCHLD
/* our parent is watching for our death by catching SIGCHLD. we
--- 94,99 ----
***************
*** 395,402 ****
auto char hostname[MAXHOSTNAMELEN];
(void) gethostname(hostname, MAXHOSTNAMELEN);
! (void) sprintf(mailcmd, MAILARGS,
! MAILCMD, mailto);
if (!(mail = cron_popen(mailcmd, "w"))) {
perror(MAILCMD);
(void) _exit(ERROR_EXIT);
--- 366,373 ----
auto char hostname[MAXHOSTNAMELEN];
(void) gethostname(hostname, MAXHOSTNAMELEN);
! (void) snprintf(mailcmd, sizeof(mailcmd),
! MAILARGS, MAILCMD);
if (!(mail = cron_popen(mailcmd, "w"))) {
perror(MAILCMD);
(void) _exit(ERROR_EXIT);
*** orig/popen.c Fri Apr 14 05:26:55 1995
--- ./popen.c Fri Apr 14 05:38:28 1995
***************
*** 32,37 ****
--- 32,38 ----
#include <sys/signal.h>
+ #define MAX_ARGS 100
#define WANT_GLOBBING 0
/*
***************
*** 50,56 ****
FILE *iop;
int argc, pdes[2];
PID_T pid;
! char *argv[100];
#if WANT_GLOBBING
char **pop, *vv[2];
int gargc;
--- 51,57 ----
FILE *iop;
int argc, pdes[2];
PID_T pid;
! char *argv[MAX_ARGS + 1];
#if WANT_GLOBBING
char **pop, *vv[2];
int gargc;
***************
*** 72,78 ****
return(NULL);
/* break up string into pieces */
! for (argc = 0, cp = program;; cp = NULL)
if (!(argv[argc++] = strtok(cp, " \t\n")))
break;
--- 73,79 ----
return(NULL);
/* break up string into pieces */
! for (argc = 0, cp = program; argc < MAX_ARGS; cp = NULL)
if (!(argv[argc++] = strtok(cp, " \t\n")))
break;
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199504141051.FAA11038>