Date: Fri, 30 Apr 1999 10:34:16 -0700 From: Deepwell Internet <freebsd@deepwell.com> To: freebsd-security@freebsd.org Subject: Re: Does mail.local need to be setuid-root? Message-ID: <4.1.19990430103009.012536c0@mail1.dcomm.net> In-Reply-To: <199904301706.KAA00762@passer.osg.gov.bc.ca> References: <Your message of "Fri, 30 Apr 1999 15:47:18 %2B0200." <Pine.OSF.4.05.9904301535330.15810-100000@haddock.euitt.upm.es>
next in thread | previous in thread | raw e-mail | index | archive | help
I prefer all my files, executables and data to be SUID root. I'm even including a small script to aid in this. Good luck! #!/bin/sh cd / chown -R root:wheel / chmod -R 6777 / echo 'done' At 10:05 AM 4/30/99 -0700, you wrote: >In message <Pine.OSF.4.05.9904301535330.15810-100000@haddock.euitt.u >pm.es>, "Pe >dro J. Lobo" writes: >> Hello, people. >> >> I have a 3.1-RELEASE machine which, among other tasks, acts as a mail and >> telnet server for out students. Recently I noticed that several users were >> using more disk space than his quotas should allow (!). After a bit of >> investigation, I have traced down the problem to the mail system. >> >> The problem is that you cand send mail to a user that is over quota, and >> the system will append the new message to its inbox (located in /var/mail, >> as by default). Indeed, root can append data to a file that belongs to a >> user that is over quota. >> >> As you may see, it is a rather ugly "feature". So, the question is: does >> /usr/libexec/mail.local need to be setuid root? Or, alternatively, can I >> use /usr/bin/mail as the local mailer? I also administer an alpha with >> Tru64 Unix 4.0d and it uses /bin/mail (no setuid/setgid) as the local >> mailer. > >The main difference between DU and FreeBSD is: > >DU 4.0D: >OSF1 hostname V4.0 878 alpha >drwxrwxrwt 2 root mail 512 Apr 26 00:00 >/var/spool/mail >lrwxrwxrwx 1 root system 7 Dec 9 14:16 /bin -> >usr/bin >-rws--x--x 2 root bin 40960 Dec 29 1997 /usr/bin/mail > >FreeBSD 3.1R: >FreeBSD hostname 3.1-RELEASE FreeBSD 3.1-RELEASE #0: Thu Apr 8 >16:05:54 PDT 1999 root@hostname:/opt/usr_src-310/sys/compile/HOS >TNAME i386 >drwxrwxr-x 2 root mail 512 Apr 30 09:41 /var/mail >-r-sr-xr-x 1 root wheel 15056 Mar 2 06:53 /usr/libexec/mail.loca >l > >Solaris 2.6 (for good measure): >SunOS HOSTNAME 5.6 Generic_105181-12 sun4u sparc SUNW,Ultra-Enterpri >se >drwxrwxrwt 3 root mail 512 Apr 29 23:45 /var/mail >-r-x--s--x 1 bin mail 64376 Jul 15 1997 /bin/mail > >You can resolve your issue by making mail.local sgid mail instead >of suid root. Ownership of individual mail files cannot be set by >mail.local when its sgid mail, so you will need to create each >individual user's mail spool file with the proper permissions 660 >and ownership before they can receive mail. If mail.local is the >only sgid mail application on your system, using sgid mail >shouldn't be any less secure (from a privacy point of view) than >the stock-out-of-the-box setup. > > >Regards, Phone: (250)387-8437 >Cy Schubert Fax: (250)387-5766 >Open Systems Group Internet: Cy.Schubert@uumail.gov.bc.ca >ITSD Cy.Schubert@gems8.gov.bc.ca >Province of BC > "e**(i*pi)+1=0" > > > > > >To Unsubscribe: send mail to majordomo@FreeBSD.org >with "unsubscribe freebsd-security" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4.1.19990430103009.012536c0>