Date: Sun, 23 Mar 1997 23:20:33 +0800 From: Peter Wemm <peter@spinner.DIALix.COM> To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch) Cc: dv@kis.ru (Dmitry Valdov), freebsd-bugs@freebsd.org, security-officer@freebsd.org Subject: Re: sendmail can't create PID file because of owner permission of /var/run Message-ID: <199703231520.XAA05026@spinner.DIALix.COM> In-Reply-To: Your message of "Sun, 23 Mar 1997 15:35:19 %2B0100." <19970323153519.BW27841@uriah.heep.sax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
J Wunsch wrote:
> As Dmitry Valdov wrote:
>
> > sendmail doesn't create sendmai.pid file
> > if /var/run directory owned by other than root. Default owner of /var/run i
n
> > 2.2R is 'bin'. The problem appears in 2.1.5R too.
> > sendmail version is 8.8.5
> >
> > Workaround:
> > chown root:bin /var/run
>
> safefile() in sendmail/src/util.c goes great lengths to ensure files
> are only attempted to be opened if the permissions of the directory
> allow this. Anyway, it looks as if it requires any directory to be
> world-writeable if the directory is not owned by the owner of the
> requesting process -- even if the owner is root. I'm not sure
> wheather this is a bug or a feature. The following diff fixes this,
> but i'm not 100 % sure wheather this fix is right or not.
Hmm.. this makes me rather nervous.. safefile() is a sensative component
of the security system in sendmail to avoid .forward security holes and so
on. Any changes here could have devastating consequences.
IMHO, this patch is going 180 degrees in the wrong direction. We should
have the system directories and binaries root:bin and not group writeable.
NFS access makes uid and gid bin far too vulnerable.
Cheers,
-Peter
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199703231520.XAA05026>