From: Kyle Evans
Subject: Re: svn commit: r346252 - in head/usr.sbin/cron: cron crontab
To: Ian Lepore
Cc: src-committers, svn-src-all@freebsd.org, svn-src-head@freebsd.org
List-Id: SVN commit messages for the src tree for head/-current
Date: Tue, 03 Sep 2019 14:06:58 -0000
X-Original-Date: Mon, 15 Apr 2019 14:44:03 -0500

On Mon, Apr 15, 2019 at 2:26 PM Ian Lepore wrote:
>
> On Mon, 2019-04-15 at 18:53 +0000, Kyle Evans wrote:
> > Author: kevans
> > Date: Mon Apr 15 18:53:28 2019
> > New Revision: 346252
> > URL: https://svnweb.freebsd.org/changeset/base/346252
> >
> > Log:
> >   cron(8): Add MAILFROM ability for crontabs
> >
> >   This changes the sender mail address in a similar fashion to how MAILTO may
> >   change the recipient. The default from address remains unchanged.
> >
> >   MFC after: 1 week
> >
> > Modified:
> >   head/usr.sbin/cron/cron/cron.8
> >   head/usr.sbin/cron/cron/do_command.c
> >   head/usr.sbin/cron/crontab/crontab.5
> >
>
> Is this going to allow normal users to spoof the From: using private
> crontabs? That sounds mildly dangerous.
>
> -- Ian

I think my description here was lacking- this is a per-crontab environment variable, so yes: a user may spoof the from address in a private crontab for jobs within that crontab. I don't know how much of a security concern this is, but I peeked at cronie [1] after you brought this up and observed that their implementation is effectively the same restriction-wise, but with sanity checking for both mailfrom/mailto values.

[1] https://github.com/cronie-crond/cronie/blob/master/src/do_command.c
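
A sanity check of the kind the reply mentions for mailfrom/mailto values, as an added example: it is not code from FreeBSD cron or cronie, and the function names, the allowed character set and the length cap are assumptions made here.

```c
#include <ctype.h>
#include <stdio.h>
#include <string.h>

#define MAIL_VALUE_MAX 254 /* assumed length cap for this example */

/* Hypothetical helper, not FreeBSD cron or cronie code: returns 1 if s is
 * acceptable as a single MAILFROM/MAILTO address, 0 otherwise. */
static int mail_value_is_safe(const char *s)
{
    static const char delims[] = "@.-_+"; /* never allowed as first char */
    size_t i, at_count = 0;

    if (s == NULL || s[0] == '\0')
        return 0;
    for (i = 0; s[i] != '\0'; i++) {
        unsigned char ch = (unsigned char)s[i];

        if (i >= MAIL_VALUE_MAX)
            return 0;
        if (ch < 0x80 && isalnum(ch))
            continue;
        /* A leading '-' could look like an option if passed on a command line. */
        if (i > 0 && strchr(delims, ch) != NULL) {
            at_count += (ch == '@');
            continue;
        }
        return 0; /* CR, LF, space, quotes, '<', '>', non-ASCII, ... */
    }
    return at_count <= 1;
}

/* Use the crontab's value only if it passes; otherwise keep the default. */
static const char *pick_mailfrom(const char *value, const char *default_from)
{
    return mail_value_is_safe(value) ? value : default_from;
}

int main(void)
{
    /* Constructed sample values: plain address, leading '-', embedded LF. */
    const char *samples[] = { "ops@example.org", "-v",
                              "a@example.org\nBcc: b@example.org" };
    size_t i;

    for (i = 0; i < sizeof(samples) / sizeof(samples[0]); i++)
        printf("%s\n", pick_mailfrom(samples[i], "(default sender)"));
    return 0;
}
```

A check like this constrains only the shape of the value; a user can still name any syntactically valid sender in a private crontab, which matches the "same restriction-wise" observation in the reply.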