From owner-freebsd-security Thu Dec 3 12:56:01 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id MAA20825 for freebsd-security-outgoing; Thu, 3 Dec 1998 12:56:01 -0800 (PST) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from burka.rdy.com (burka.rdy.com [205.149.163.30]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id MAA20774 for ; Thu, 3 Dec 1998 12:55:56 -0800 (PST) (envelope-from dima@burka.rdy.com) Received: (from dima@localhost) by burka.rdy.com (8.9.1/RDY&DVV) id MAA07083; Thu, 3 Dec 1998 12:55:19 -0800 (PST) Message-Id: <199812032055.MAA07083@burka.rdy.com> Subject: Re: mail.local In-Reply-To: from Robert Watson at "Dec 3, 1998 12:36:36 pm" To: robert+freebsd@cyrus.watson.org Date: Thu, 3 Dec 1998 12:55:19 -0800 (PST) Cc: woodford@cc181716-a.hwrd1.md.home.com, security@FreeBSD.ORG X-Class: Fast Organization: HackerDome Reply-To: dima@best.net From: dima@best.net (Dima Ruban) X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org Robert Watson writes: > On Thu, 3 Dec 1998, Bill Woodford wrote: > > > | Could somebody remind me of outcome of removing suid bit from mail.local > > | discussion? > > > > Hmmm, if you remove it, I believe local mail delivery will cease due to > > permission problems. > > That is my memory of the conclusions, at least when sendmail is not > executing mail.local. If sendmail is executing it (and sendmail is > running as root) then I think it does behave correctly, at least when > sendmail is running as a daemon. I'm not sure if it behaves correctly > when sendmail is running setuid from a normal user account as invoked by, > say, pine. My feeling is more and more that we should be using protocols Yeah, it works allright. We've had this change for about 3-4 month (I think) here and there's no problems. > such as IMAP for mail access rather than try to fit everything into the > context of file system permissions, as that requires us to come up with > warped program behavior (such as making more things setuid than actually > need to be :). It might be interesting to rewrite an imap daemon to use > UNIX daemon sockets and ephemeral credential information to authenticate > the user, and similarly have a local SMTP-style domain socket also using > ephemeral data for authentication. BSD (and other Unices also) provide us > with a lot of tools to make life easier than we actually take advantage of > :). Well, it's a totally different discussion. Let's concentrate on a problems one at a time :-) > > Robert N Watson > > robert@fledge.watson.org http://www.watson.org/~robert/ > PGP key fingerprint: 03 01 DD 8E 15 67 48 73 25 6D 10 FC EC 68 C1 1C > > Carnegie Mellon University http://www.cmu.edu/ > TIS Labs at Network Associates, Inc. http://www.tis.com/ > SafePort Network Services http://www.safeport.com/ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message > -- dima To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message