Date: Tue, 22 Jul 2003 03:37:53 +0400 (MSD) From: Oleg Bulyzhin <oleg@rinet.ru> To: FreeBSD-gnats-submit@FreeBSD.org Cc: gshapiro@FreeBSD.org Subject: bin/54731: [PATCH] bug in mail.local can cause unnecessary mail delivery delays Message-ID: <20030721233753.22CD42EF9@lath.rinet.ru> Resent-Message-ID: <200307212340.h6LNeEa9022752@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 54731 >Category: bin >Synopsis: [PATCH] bug in mail.local can cause unnecessary mail delivery delays >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Mon Jul 21 16:40:13 PDT 2003 >Closed-Date: >Last-Modified: >Originator: Oleg Bulyzhin >Release: FreeBSD 4.8-RELEASE i386 >Organization: Cronyx Plus LLC (RiNet ISP) >Environment: System: FreeBSD lath.rinet.ru 4.8-RELEASE FreeBSD 4.8-RELEASE #0: Sat Apr 5 12:35:16 MSD 2003 root@lath.rinet.ru:/lh/obj/lh/src/sys/lath i386 All sendmail versions (including 8.12.9) are affected. (This bug affects systems without maillock(). Not sure about systems where maillock() exists). >Description: During mailbox locking mail.local creates lock file (usually /var/log/mboxname.lock). Under certain circumstances mail.local is unable to remove this lock file after delivery attempt, thus next mail delivery (handled by other mail.local process) can be delayed for up to LOCKTO_RM seconds (5min). Here is explanation: First, mail.local creates lock file using super-user privileges. Before delivery attempt mail.local drops privileges by calling setreuid() (mail.local.c:1073). Then, in various error checking code, goto err0 & goto err1 are used (mail.local.c:1087 1103 1148 1165) If any of this errors appears, mail.local will be unable to remove lock file, cause it calls unlockmbox() (mail.local.c:1231) having euid == uid of mbox owner (while lock file owned by root). Thus unlink call (mail.local.c:1398) will fail. Next mail.local process will be unable to deliver mail until lock file expires (expire time LOCKTO_RM seconds). >How-To-Repeat: It's not easy to repeat it with original mail.local cause those error which can lead to this problem are quite rare. (actually, i never seen any of em). Problem was noticed when i tested slightly modified mail.local (simple implementation of mailbox size limit). >Fix: There is misplaced setreuid(0,0) call: we need super-user priveleges neither for truncating (mail.local.c:1228) mailbox no for closing (mail.local.c:1230) it. But we need those priveleges for removing root-owned lock file. --- mail.local.c.orig Mon Mar 3 20:31:13 2003 +++ mail.local.c Tue Jul 22 03:28:05 2003 @@ -1220,7 +1220,6 @@ { mailerr("450 4.2.0", "%s: %s", path, sm_errstring(errno)); err3: - (void) setreuid(0, 0); #ifdef DEBUG fprintf(stderr, "reset euid = %d\n", (int) geteuid()); #endif /* DEBUG */ @@ -1228,7 +1227,8 @@ (void) ftruncate(mbfd, curoff); err1: if (mbfd >= 0) (void) close(mbfd); -err0: unlockmbox(); +err0: (void) setreuid(0, 0); + unlockmbox(); return; } >Release-Note: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20030721233753.22CD42EF9>