Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 09 Dec 96 13:11:56 -0800
From:      Cy Schubert - ITSD Open Systems Group <cschuber@uumail.gov.bc.ca>
To:        bmk@pobox.com
Cc:        security@freebsd.org
Subject:   Re: Running sendmail non-suid 
Message-ID:  <199612092111.NAA17991@passer.osg.gov.bc.ca>
In-Reply-To: Your message of "Mon, 09 Dec 96 10:09:55 PST." <199612091809.KAA11729@itchy.atlas.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

> I'm setting up an internet-connected mail hub, and I'd like to run
> sendmail not suid root.  I won't be needing any ~/.forward nonsense,
> as this machine will have no users at all, and will only forward mail
> based on /etc/aliases.  There will be no local mailboxes on this machine
> at all.
> 
> My intention for running sendmail without suid set is so that I can
> hopefully avoid some of the security problems that we've seen with
> sendmail in the past.
> 
> Ideally, what I'd like to do is have sendmail running as root only long
> enough to bind to the smtp port, and then give up root, never to have
> it back.  Preferably, running as 'nobody' or some other 'safe' user.
> 
> Has anyone actually done this?  Any advice or gotchas to look out for?
> Am I insane for wanting to do this?

First you will need to create an smtp account.

Next, chown /var/spool/mqueue, /var/mail, and /usr/sbin/sendmail to user
smtp.

Run a cronjob out of root's cron every 5 minutes to process the queue.

Using this approach you'll manage to stop 95% of any attempts to use
sendmail to gain access to root.  There is still a possibility of gaining
root with this setup if your smtp account is hacked.  It would be a matter
of creating a mail spool file to setup a setuid-root shell.  The general
consensus has usually been that this approach is less secure because it is
easier to gain access to a user account than root.


Regards,                       Phone:  (250)387-8437
Cy Schubert                    OV/VM:  BCSC02(CSCHUBER)
Open Systems Support          BITNET:  CSCHUBER@BCSC02.BITNET
ITSD                        Internet:  cschuber@uumail.gov.bc.ca
                                       cschuber@bcsc02.gov.bc.ca

		"Quit spooling around, JES do it."

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612092111.NAA17991>