Date:      Tue, 13 Jan 1998 14:49:33 -0600 (CST)
From:      dkelly@nebula.tbe.com
To:        FreeBSD-gnats-submit@FreeBSD.ORG
Cc:        dkelly@nebula.tbe.com
Subject:   ports/5494: popauth in popper
Message-ID:  <199801132049.OAA26900@PeeCee.tbe.com>


>Number:         5494
>Category:       ports
>Synopsis:       regular user can not change popauth secret
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          support
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 15 00:51:26 PST 1998
>Last-Modified:
>Originator:     David Kelly
>Organization:
n/a
>Release:        FreeBSD 2.2.5-STABLE i386
>Environment:

PeeCee: {1044} ls -ld /var/db/pkg/qpop*
drwxr-xr-x  2 root  bin  512 Jan 12 12:28 /var/db/pkg/qpopper-2.41b1/

>Description:

Normal user can not change popauth secret even after root creates it.

>How-To-Repeat:

PeeCee: {1075} which popauth
/usr/local/bin/popauth
PeeCee: {1076} ls -l `which popauth`
---s--x--x  1 pop  bin  12288 Jan 12 12:28 /usr/local/bin/popauth*
PeeCee: {1077} popauth -user
popauth: missing argument to -user
PeeCee: {1078} popauth -user dkelly
popauth: Only superuser or user 'pop' can perform the requested function

(the above demonstrates the problem)

PeeCee: {1079} su
Password:
PeeCee: [1001] popauth -list
dkelly

(see, I really have an existing entry in the database)

PeeCee: [1002] ls -l /usr/local/etc/popper
total 16
-rw-------  1 pop  mail  16384 Jan 12 16:31 pop.auth.db
PeeCee: [1003]

man popauth says:
DESCRIPTION
       The popauth program allows a POP-subscriber to change  the
       secret value used to generate their authentication creden-
       tials.  In addition, the super-user or master POP user may
       use  this  program  to  either add or remove a user, or to
       print public information from it.  Only the super-user may
       initialize  the database.  popauth is useful only when the
       APOP configuration option is defined.  (This configuration
       option defines the name of the POP authorization DB.)

So I'm of the opinion a normal user *should* be able to change their
secret.

>Fix:
        
Looking at the source code I see it's coded
    
    myuid = getuid();

    if ((pw = getpwnam (POPUID)) == NULL)
        adios ("\"%s\": user-id unknown", POPUID);

    if (pw->pw_uid == myuid)
        popuser = 1;
  
    if (myuid && !popuser && (delesw || initsw || listsw || (usersw != NULL))) 
        adios("Only superuser or user '%s' can perform the requested function",
            POPUID);

changing the first line from "getuid()" to "geteuid()" would fix it, I think,
but would like 2nd opinions before turning my users loose with it.

>Audit-Trail:
>Unformatted:
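
The check quoted under >Fix:, modeled as a pure function so the real-uid and effective-uid variants can be compared for a binary installed set-uid to pop, as in the ls output above. This is an added example, not qpopper source and not part of the original report; the numeric uids are constructed, and it assumes the effective uid is the pop user for every invoker of the set-uid binary.

```c
#include <stdio.h>
#include <stddef.h>
#include <sys/types.h>

/* Constructed sample uids (assumptions, not taken from the report). */
#define ROOT_UID ((uid_t)0)
#define POP_UID  ((uid_t)68)
#define USER_UID ((uid_t)1001)

/* Switch variables named as in the quoted source. */
struct opts { int delesw, initsw, listsw; const char *usersw; };

/* Same condition as the quoted check: returns 1 when the request is refused.
 * myuid is whichever id the caller compares: getuid() or geteuid(). */
int refused(uid_t myuid, uid_t pop_uid, const struct opts *o)
{
    int popuser = (pop_uid == myuid);
    return myuid && !popuser &&
           (o->delesw || o->initsw || o->listsw || o->usersw != NULL);
}

/* Real uid: the account that invoked the program. */
int refused_with_getuid(uid_t ruid, const struct opts *o)
{
    return refused(ruid, POP_UID, o);
}

/* Effective uid: in a set-uid-pop binary this is pop for every invoker. */
int refused_with_geteuid(const struct opts *o)
{
    return refused(POP_UID, POP_UID, o);
}

int main(void)
{
    struct opts cases[] = {
        {0, 0, 0, NULL},      /* no switches: change own secret */
        {0, 0, 0, "dkelly"},  /* -user dkelly */
        {0, 0, 1, NULL},      /* -list */
        {1, 0, 0, NULL},      /* delesw set */
        {0, 1, 0, NULL},      /* initsw set */
    };
    const char *names[] = {"(none)", "-user", "-list", "delesw", "initsw"};
    for (size_t i = 0; i < sizeof cases / sizeof cases[0]; i++)
        printf("%-7s getuid: %-8s geteuid: %s\n", names[i],
               refused_with_getuid(USER_UID, &cases[i]) ? "refused" : "allowed",
               refused_with_geteuid(&cases[i]) ? "refused" : "allowed");
    return 0;
}
```

With the effective uid, every invoker compares equal to the pop user, so none of the administrative switches is refused any longer; with no switches set, the quoted check already lets a regular user through.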