From owner-freebsd-security  Mon Nov 18 07:45:52 1996
Return-Path: owner-security
Received: (from root@localhost)
          by freefall.freebsd.org (8.7.5/8.7.3) id HAA23046
          for security-outgoing; Mon, 18 Nov 1996 07:45:52 -0800 (PST)
Received: from knecht.Sendmail.ORG (root@knecht.oxford.reference.com [205.217.47.98])
          by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id HAA23029;
          Mon, 18 Nov 1996 07:45:43 -0800 (PST)
Received: from knecht.Sendmail.ORG (eric@LOCALHOST [127.0.0.1]) by knecht.Sendmail.ORG (8.8.3/8.8.3) with ESMTP id HAA25568; Mon, 18 Nov 1996 07:45:15 -0800 (PST)
Message-Id: <199611181545.HAA25568@knecht.Sendmail.ORG>
X-Mailer: exmh version 1.6.7 5/3/96
To: "S(pork)" <spork@super-g.com>
From: Eric Allman <eric@sendmail.org>
X-URL: http://WWW.InReference.COM/~eric
cc: Igor Roshchin <igor@alecto.physics.uiuc.edu>,
        Ollivier Robert <roberto@keltia.freenix.fr>,
        freebsd-security@freebsd.org, freebsd-hackers@freebsd.org
Subject: Re: New sendmail bug... 
In-reply-to: Mail from "S(pork)" <spork@super-g.com> 
	dated Sun, 17 Nov 1996 21:39:11 CST
	<Pine.LNX.3.92.961117213451.15315A-100000@super-g.inch.com> 
Date: Mon, 18 Nov 1996 07:45:13 -0800
Sender: owner-security@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

I see there's been a lot of traffic, so this is probably answered
already -- but just remove the call to vendor_daemon_setup.

eric


============= In Reply To: ===========================================
: From:  "S(pork)" <spork@super-g.com>
: Subject:  Re: New sendmail bug... 
: Date:  Sun, 17 Nov 1996 21:39:11 -0600 (CST)

: But if one does have to run 8.7.6 until they have time to breath, does
: anyone know if the error that Igor and I are seeing compiling 8.7.6 from
: -stable can be avoided?  I first patched with the 2 line setgid, setuid
: patch I saw on the list, then I grabbed what was in the current -stable
: source and got the same error as Igor.  It compiled after deleting the
: line in main.c that I saw in the errors, and it seems to work, but
: reckless deletion scares me.  I wonder what the line was for....
: 
: Anyhow, any help is appreciated.
: 
: Thanks,
: 
: Charles
: 
: On Sun, 17 Nov 1996, Eric Allman wrote:
: 
: > This patch is against 8.8.2, not 8.7.6.  You need to upgrade to 8.8;
: > 8.7.x is no long supported.
: >
: > eric
: >
: >
: > ============= In Reply To: ===========================================
: > : From:  igor@alecto.physics.uiuc.edu (Igor Roshchin)
: > : Subject:  Re: New sendmail bug...
: > : Date:  Sun, 17 Nov 1996 21:12:33 -0600 (CST)
: >
: > : Hello!
: > :
: > : May be I am missing something,
: > : but I was not able to compile the patched version
: > : of the sendmail 8.7.6.4,
: > : as it appears in FreeBSD distribution (sup.freebsd.org).
: > :
: > : main.o: Undefined symbol `_vendor_daemon_setup' referenced from text segm
ent
: > : *** Error code 1
: > :
: > :
: > : Is it a problem due to the version of FreeBSD ?
: > : I tried it on 2.1.5-stable and 2.1.5-release; -
: > : results were the same.
: > :
: > : Thanks in advance for your suggestions.
: > :
: > : IgoR
: > :
: > :
: > : >
: > : > ------- main.c -------
: > : > *** -	Wed Dec 31 16:00:00 1969
: > : > --- main.c	Sat Nov 16 07:07:17 1996
: > : > ***************
: > : > *** 493,507 ****
: > : >   			{
: > : >   			  case MD_DAEMON:
: > : >   			  case MD_FGDAEMON:
: > : > ! # ifdef DAEMON
: > : > ! 				if (RealUid != 0)
: > : > ! 				{
: > : > ! 					usrerr("Permission denied");
: > : > ! 					exit(EX_USAGE);
: > : > ! 				}
: > : > ! 				vendor_daemon_setup(CurEnv);
: > : > ! 				/* fall through ... */
: > : > ! # else
: > : >   				usrerr("Daemon mode not implemented");
: > : >   				ExitStat = EX_USAGE;
: > : >   				break;
: > : > --- 493,499 ----
: > : >   			{
: > : >   			  case MD_DAEMON:
: > : >   			  case MD_FGDAEMON:
: > : > ! # ifndef DAEMON
: > : >   				usrerr("Daemon mode not implemented");
: > : >   				ExitStat = EX_USAGE;
: > : >   				break;
: > : > ***************
: > : > *** 899,904 ****
: > : > --- 891,904 ----
: > : >   		/* fall through ... */
: > : >
: > : >   	  case MD_DAEMON:
: > : > + 		/* check for permissions */
: > : > + 		if (RealUid != 0)
: > : > + 		{
: > : > + 			usrerr("Permission denied");
: > : > + 			exit(EX_USAGE);
: > : > + 		}
: > : > + 		vendor_daemon_setup(CurEnv);
: > : > +
: > : >   		/* remove things that don't make sense in daemon mode *
/
: > : >   		FullName = NULL;
: > : >   		GrabTo = FALSE;
: > : > ***************
: > : > *** 1932,1937 ****
: > : > --- 1932,1946 ----
: > : >   		syslog(LOG_INFO, "restarting %s on signal", SaveArgv[0]
);
: > : >   #endif
: > : >   	releasesignal(SIGHUP);
: > : > + 	if (setuid(RealUid) < 0 || setgid(RealGid) < 0)
: > : > + 	{
: > : > + #ifdef LOG
: > : > + 		if (LogLevel > 0)
: > : > + 			syslog(LOG_ALERT, "could not set[ug]id(%d, %d):
 %m",
: > : > + 				RealUid, RealGid);
: > : > + #endif
: > : > + 		exit(EX_OSERR);
: > : > + 	}
: > : >   	execv(SaveArgv[0], (ARGV_T) SaveArgv);
: > : >   #ifdef LOG
: > : >   	if (LogLevel > 0)
: > : >
: > : >
: > :
: >
: >
: >
: