Date:      Sun, 23 Mar 1997 16:29:52 +0100
From:      j@uriah.heep.sax.de (J Wunsch)
To:        peter@spinner.DIALix.COM (Peter Wemm)
Cc:        dv@kis.ru (Dmitry Valdov), freebsd-bugs@freebsd.org, security-officer@freebsd.org
Subject:   Re: sendmail can't create PID file because of owner permission of /var/run
Message-ID:  <19970323162952.NW34878@uriah.heep.sax.de>
In-Reply-To: <199703231520.XAA05026@spinner.DIALix.COM>; from Peter Wemm on Mar 23, 1997 23:20:33 +0800
References:  <19970323153519.BW27841@uriah.heep.sax.de> <199703231520.XAA05026@spinner.DIALix.COM>

As Peter Wemm wrote:

> Hmm.. this makes me rather nervous..  safefile() is a sensitive component
> of the security system in sendmail to avoid .forward security holes and so 
> on.  Any changes here could have devastating consequences.

Yep, that's why i've Cc'ed you and the security officers.  I didn't
think it's a good fix either, but now i've got your attention. *grin*

> IMHO, this patch is going 180 degrees in the wrong direction.  We should
> have the system directories and binaries root:bin and not group writeable.
> NFS access makes uid and gid bin far too vulnerable.

Hmm.  Anybody who's going to share his /var/run over NFS deserves to
be shot with coredumps not below 5 MB per day...  Same for /var/log
and /var/spool, to the least.  (It might make sense to NFS-mount it
for a diskless machine, but if you cannot trust your boot server, you
shouldn't boot diskless at all.)

OTOH, i don't see why it should be writeable to `bin' either, if at
all, it should probably be writeable for `daemon'.

Still, i think sendmail is doing silly at this point.  (Note
safefile() itself, but the use of safefile() for the PID file.  But,
yes, i know, one of the more embarrassing vulnerabilities of sendmail
recently was related to people allowed to restart the daemon...)

-- 
cheers, J"org

joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE
Never trust an operating system you don't have sources for. ;-)


