From owner-freebsd-questions Fri Sep 27 9:36:11 2002 Delivered-To: freebsd-questions@freebsd.org Received: from mx1.FreeBSD.org (mx1.FreeBSD.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E223637B401 for ; Fri, 27 Sep 2002 09:36:09 -0700 (PDT) Received: from bast.unixathome.org (bast.unixathome.org [216.187.105.150]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2856843E88 for ; Fri, 27 Sep 2002 09:36:09 -0700 (PDT) (envelope-from dan@langille.org) Received: from wocker (wocker.unixathome.org [192.168.0.99]) by bast.unixathome.org (Postfix) with ESMTP id 96A933F4B; Fri, 27 Sep 2002 12:36:07 -0400 (EDT) From: "Dan Langille" To: Matthew Seaman Date: Fri, 27 Sep 2002 12:34:21 -0400 MIME-Version: 1.0 Subject: Re: sendmail: File descriptors missing on startup: stderr; Bad file descriptor Cc: freebsd-questions@FreeBSD.ORG Message-ID: <3D94504D.7219.709D8853@localhost> In-reply-to: <20020927163141.GA16132@happy-idiot-talk.infracaninophi> References: <3D941EE0.5166.6FDC7551@localhost> X-mailer: Pegasus Mail for Windows (v4.02) Content-type: text/plain; charset=US-ASCII Content-transfer-encoding: 7BIT Content-description: Mail message body Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG On 27 Sep 2002 at 17:31, Matthew Seaman wrote: > On Fri, Sep 27, 2002 at 09:03:28AM -0400, Dan Langille wrote: > > I keep seeing this in /var/log/maillog but do not know the cause: > > > > sendmail[42390]: File descriptors missing on startup: stderr; Bad > > file descriptor > > > > I'm on FreeBSD 4.6-STABLE #0: Thu Sep 26 09:02:16 EDT 2002 with > > sendmail 8.12.5 > > > > Any ideas on cause/fix? > > What command line are you using to start sendmail? That error message > suggests that the stderr file descriptor, which sendmail inherits from > the shell where it is started, is bogus. The kernel will sanity check > the standard descriptors when starting up SUID or SGID processes, and > if any are closed, will open them up again on /dev/null. There was an > egregious security bug exploiting that situation going the rounds a > few months ago. See > ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-02%3A23.s > tdio.asc > > However, that was fixed before 4.6-RELEASE. Also I believe that it > was never possible to attack sendmail that way because the first thing > sendmail does when being started in daemon mode is to walk through > it's filedescriptor table and close them all down. The standard 0, 1, > 2 descriptors are then immediately re-opened onto /dev/null. That's > something that should be standard procedure for starting up any > daemonized process and it is built into the daemon(3) function. I'm sorry, I didn't mean for this message to go out. I've solved the problem by upgrading netsaint. Thank you for your reply. -- Dan Langille I'm looking for a computer job: http://www.freebsddiary.org/dan_langille.php To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message