Date: Sun, 31 Jul 2005 14:30:25 GMT From: Blaz Zupan <blaz@si.FreeBSD.org> To: freebsd-ports-bugs@FreeBSD.org Subject: Re: ports/83988: [PATCH] security/amavisd-new: properly set default values Message-ID: <200507311430.j6VEUPBM035376@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR ports/83988; it has been noted by GNATS. From: Blaz Zupan <blaz@si.FreeBSD.org> To: freebsd-gnats-submit@FreeBSD.org Cc: Subject: Re: ports/83988: [PATCH] security/amavisd-new: properly set default values Date: Sun, 31 Jul 2005 16:23:24 +0200 (CEST) I have confirmation from the amavisd-new author that starting amavisd as root is safe, because it drops privileges as soon as possible. The only caveat is that p5-Net-Server 0.88 is needed, which is included in the ports collection. If somebody upgrades amavisd-new but does not upgrade p5-Net-Server, amavisd-new will not start until p5-Net-Server is upgraded. Below is the patch that should be commited. This makes amavisd-new work automatically both with and without chroot (but only if p5-Net-Server 0.88 is also installed). diff -urN amavisd-new.orig/Makefile amavisd-new/Makefile --- amavisd-new.orig/Makefile Sun Jul 17 23:42:11 2005 +++ amavisd-new/Makefile Sun Jul 31 16:05:58 2005 @@ -8,7 +8,7 @@ PORTNAME= amavisd-new PORTVERSION= 2.3.2 -PORTREVISION= 1 +PORTREVISION= 2 PORTEPOCH= 1 CATEGORIES= security MASTER_SITES= http://www.ijs.si/software/amavisd/ \ diff -urN amavisd-new.orig/files/amavisd.sh.in amavisd-new/files/amavisd.sh.in --- amavisd-new.orig/files/amavisd.sh.in Wed Jul 6 10:47:09 2005 +++ amavisd-new/files/amavisd.sh.in Sun Jul 31 16:15:45 2005 @@ -33,7 +33,6 @@ # set defaults amavisd_enable=${amavisd_enable:-"NO"} -amavisd_flags=${amavisd_flags:-"-u %%AMAVISUSER%%"} load_rc_config $name run_rc_command "$1"
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200507311430.j6VEUPBM035376>