From owner-svn-src-all@FreeBSD.ORG Fri Jan 11 23:40:37 2013 Return-Path: Delivered-To: svn-src-all@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by hub.freebsd.org (Postfix) with ESMTP id 05DBE51C for ; Fri, 11 Jan 2013 23:40:37 +0000 (UTC) (envelope-from peter@wemm.org) Received: from mail-vc0-f173.google.com (mail-vc0-f173.google.com [209.85.220.173]) by mx1.freebsd.org (Postfix) with ESMTP id BB8689AC for ; Fri, 11 Jan 2013 23:40:36 +0000 (UTC) Received: by mail-vc0-f173.google.com with SMTP id f13so1996478vcb.32 for ; Fri, 11 Jan 2013 15:40:35 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=wemm.org; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=nETBgqdnuBgpHfGTSKeV5Gl/QG9lXZbtdbgor+kwn4U=; b=KvfsQwoyJUWZX/Mh6wRv/uzvdKylfy1ot6Op9MwuGdJv9jQmJb8bvyJzY1AR8YJJxY 5q1iZlIiTv9MTYw3o3ZbDUW1IOGhIm8/DOy5A9x36SAhVeJQDOUz4ycHC7fs50kmJJLI 5X2NAD/QMgdvQ3Oe2C5RRyWtl+ydznJso1bA8= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20120113; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type:x-gm-message-state; bh=nETBgqdnuBgpHfGTSKeV5Gl/QG9lXZbtdbgor+kwn4U=; b=XyHLIsXGPopFZlesqtLv4ABXzJt5oYyY7cFGGlZLCwT6/aOn9bTPCz2Diad9ffsq34 fcyXqxVsKwgcUNnY2qkbLBK2849ywZ7CgWuGKKifnqsFHUlC3I+qE6v9z3a1pyfz3veH 5JdIhTZeg3PuQ4MYQpPuiuot67JhKSdpsUYwLKpt5gTF8r6A3u7GVT77AxsnKz50+i/j YeltxVtYiOrGp0YrsnSgtWxo8a6cGzjagqluC4+4MbNQq+nuLpDw64j5Jspx/lWJE7Bz lLwGI4QNrDOBheOUI8mxYWMfAFlehhwsklAXtzTFHfkeVXto17gqG8VOMuY/7K2eqrz5 6Osw== MIME-Version: 1.0 Received: by 10.220.209.74 with SMTP id gf10mr94358970vcb.10.1357947635677; Fri, 11 Jan 2013 15:40:35 -0800 (PST) Received: by 10.221.4.72 with HTTP; Fri, 11 Jan 2013 15:40:35 -0800 (PST) In-Reply-To: References: <201301112308.r0BN8JP4093605@svn.freebsd.org> Date: Fri, 11 Jan 2013 15:40:35 -0800 Message-ID: Subject: Re: svn commit: r245316 - in head: . etc From: Peter Wemm To: Brooks Davis Content-Type: text/plain; charset=ISO-8859-1 X-Gm-Message-State: ALoCoQkB9K6XV2E5az60ccKqqG7CNMV/zE2e79Veufx2YajlsHUqHnYpDTNKHBWxavVbOEFt8s61 Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org X-BeenThere: svn-src-all@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "SVN commit messages for the entire src tree \(except for " user" and " projects" \)" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Jan 2013 23:40:37 -0000 On Fri, Jan 11, 2013 at 3:19 PM, Peter Wemm wrote: > On Fri, Jan 11, 2013 at 3:08 PM, Brooks Davis wrote: > >> -IMAKE= ${IMAKEENV} ${MAKE} -f Makefile.inc1 >> +IMAKE= ${IMAKEENV} ${MAKE} -f Makefile.inc1 \ >> + INSTALL="install -N ${.CURDIR}/etc" \ >> + MTREE_CMD="nmtree -N ${.CURDIR}/etc" > > How does this work with worlds with different UID/GID assignments? > Eg: the freebsd.org cluster? > > ${.CURDIR}/etc/master.passwd does not match the installed system. Case in point, the freebsd.org cluster has used postfix before sendmail gained its privilege separation. We had: postfix:*:25:postfix postdrop:*:26: .. long before sendmail added: smmsp:*:25: mailnull:*:26: On an existing machine we have: -r-xr-sr-x 1 root smmsp 719336 Jan 6 15:13 /usr/libexec/sendmail/sendmail But on the freebsd.org machines that have machines dating back to 1998, this change would cause: -r-xr-sr-x 1 root postfix 719336 Jan 6 15:13 /usr/libexec/sendmail/sendmail With a silent change like that, if the admin doesn't notice.. who can tell what would happen? Silently giving sendmail setgid access to another subsystem's gid is.. just POLA violation at every conceivable level and potentially dangerous. These tools from netbsd were meant for cross compiling.. ie: when DESTDIR != /. -- Peter Wemm - peter@wemm.org; peter@FreeBSD.org; peter@yahoo-inc.com; KI6FJV bitcoin:188ZjyYLFJiEheQZw4UtU27e2FMLmuRBUE