Date:      Mon, 24 Mar 1997 00:11:35 +0800
From:      Peter Wemm <peter@spinner.DIALix.COM>
To:        joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
Cc:        dv@kis.ru (Dmitry Valdov), freebsd-bugs@freebsd.org, security-officer@freebsd.org
Subject:   Re: sendmail can't create PID file because of owner permission of /var/run 
Message-ID:  <199703231611.AAA05625@spinner.DIALix.COM>
In-Reply-To: Your message of "Sun, 23 Mar 1997 16:29:52 +0100." <19970323162952.NW34878@uriah.heep.sax.de>

J Wunsch wrote:
> Still, i think sendmail is doing silly at this point.  (Note
> safefile() itself, but the use of safefile() for the PID file.  But,
> yes, i know, one of the more embarrassing vulnerabilities of sendmail
> recently was related to people allowed to restart the daemon...)

Don't forget, the pid file is (or might become) an "option" in the .cf file..  
ie:  sendmail -o' 'PidFile=/tmp/sendmail.pid.  Quite what Eric has in 
mind, I am not sure.

I have a vague feeling that the reason for the safefopen() in the first
place was for cases where the pid file was not stored in a "secure"
directory, eg: /tmp, or a generic pid's directory that's mode 1777.  If you
take out the safefopen(), you'd better be sure that nobody who is using
freebsd anywhere has done this, as it's supposedly safe to do under generic
sendmail-8, but making it no longer safe under freebsd is risky.

Cheers,
-Peter
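
The kind of check the message above attributes to safefopen(), shown as an added example that is not part of the original e-mail and is not sendmail's code: one common way to open a PID file safely when its directory may be world-writable (mode 1777). The names write_pidfile and demo, and the file names used, are hypothetical; the scenario in demo is constructed.

```c
#define _XOPEN_SOURCE 700
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>
/* Hypothetical helper: returns 0 on success, -1 if the path is refused. */
int write_pidfile(const char *path, long pid)
{
    char buf[32];
    struct stat st;
    /* O_NOFOLLOW refuses a symlink planted as the final path component; no
     * O_TRUNC, so nothing changes before the checks; O_NONBLOCK: no FIFO hang. */
    int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW | O_NONBLOCK, 0644);
    if (fd < 0) return -1;
    /* Check the object actually opened (fstat on the descriptor, not the
     * name): regular file, owned by us, one link (no planted hard link). */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        return -1;
    }
    int n = snprintf(buf, sizeof buf, "%ld\n", pid);
    if (ftruncate(fd, 0) != 0 || write(fd, buf, (size_t)n) != n) {
        close(fd);
        return -1;
    }
    return close(fd);
}
/* Constructed scenario. Bits: 1 symlink refused, 2 hard link refused,
 * 4 fresh file written, 8 victim file left untouched (still empty). */
int demo(void)
{
    char dir[] = "/tmp/pidXXXXXX", v[64], s[64], h[64], ok[64];
    struct stat st;
    int r = 0;
    if (!mkdtemp(dir)) return -1;
    snprintf(v, sizeof v, "%s/victim", dir);
    snprintf(s, sizeof s, "%s/sym.pid", dir);
    snprintf(h, sizeof h, "%s/hard.pid", dir);
    snprintf(ok, sizeof ok, "%s/ok.pid", dir);
    close(open(v, O_WRONLY | O_CREAT, 0600));
    if (symlink(v, s) == 0 && write_pidfile(s, 42) == -1) r |= 1;
    if (link(v, h) == 0 && write_pidfile(h, 42) == -1) r |= 2;
    if (write_pidfile(ok, 42) == 0) r |= 4;
    if (stat(v, &st) == 0 && st.st_size == 0) r |= 8;
    unlink(s); unlink(h); unlink(ok); unlink(v); rmdir(dir);
    return r;
}
int main(void) { return demo() == 15 ? 0 : 1; }
```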