From owner-freebsd-ports Thu Jan 15 00:51:51 1998
Return-Path:
Received: (from majordom@localhost)
        by hub.freebsd.org (8.8.8/8.8.8) id AAA18646
        for freebsd-ports-outgoing; Thu, 15 Jan 1998 00:51:51 -0800 (PST)
        (envelope-from owner-freebsd-freebsd-ports@FreeBSD.ORG)
Received: (from gnats@localhost)
        by hub.freebsd.org (8.8.8/8.8.8) id AAA18594;
        Thu, 15 Jan 1998 00:51:38 -0800 (PST)
        (envelope-from gnats)
Received: from PeeCee.tbe.com ([192.88.94.254])
        by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id PAA06701
        for ; Tue, 13 Jan 1998 15:28:26 -0800 (PST)
        (envelope-from dkelly@PeeCee.tbe.com)
Received: (from dkelly@localhost)
        by PeeCee.tbe.com (8.8.7/8.8.7) id OAA26900;
        Tue, 13 Jan 1998 14:49:33 -0600 (CST)
        (envelope-from dkelly)
Message-Id: <199801132049.OAA26900@PeeCee.tbe.com>
Date: Tue, 13 Jan 1998 14:49:33 -0600 (CST)
From: dkelly@nebula.tbe.com
Reply-To: dkelly@nebula.tbe.com
To: FreeBSD-gnats-submit@FreeBSD.ORG
Cc: dkelly@nebula.tbe.com
X-Send-Pr-Version: 3.2
Subject: ports/5494: popauth in popper
Sender: owner-freebsd-freebsd-ports@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

>Number:         5494
>Category:       ports
>Synopsis:       regular user can not change popauth secret
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-ports
>State:          open
>Quarter:
>Keywords:
>Date-Required:
>Class:          support
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jan 15 00:51:26 PST 1998
>Last-Modified:
>Originator:     David Kelly
>Organization:   n/a
>Release:        FreeBSD 2.2.5-STABLE i386
>Environment:

    PeeCee: {1044} ls -ld /var/db/pkg/qpop*
    drwxr-xr-x  2 root  bin  512 Jan 12 12:28 /var/db/pkg/qpopper-2.41b1/

>Description:

Normal user can not change popauth secret even after root creates it.
>How-To-Repeat:

    PeeCee: {1075} which popauth
    /usr/local/bin/popauth
    PeeCee: {1076} ls -l `which popauth`
    ---s--x--x  1 pop  bin  12288 Jan 12 12:28 /usr/local/bin/popauth*
    PeeCee: {1077} popauth -user
    popauth: missing argument to -user
    PeeCee: {1078} popauth -user dkelly
    popauth: Only superuser or user 'pop' can perform the requested function

(the above demonstrates the problem)

    PeeCee: {1079} su
    Password:
    PeeCee: [1001] popauth -list
    dkelly

(see, I really have an existing entry in the database)

    PeeCee: [1002] ls -l /usr/local/etc/popper
    total 16
    -rw-------  1 pop  mail  16384 Jan 12 16:31 pop.auth.db
    PeeCee: [1003] man popauth

says:

    DESCRIPTION
         The popauth program allows a POP-subscriber to change the
         secret value used to generate their authentication
         credentials. In addition, the super-user or master POP user
         may use this program to either add or remove a user, or to
         print public information from it. Only the super-user may
         initialize the database.

         popauth is useful only when the APOP configuration option
         is defined. (This configuration option defines the name of
         the POP authorization DB.)

So I'm of the opinion a normal user *should* be able to change their secret.

>Fix:

Looking at the source code I see it's coded

    myuid = getuid();

    if ((pw = getpwnam (POPUID)) == NULL)
        adios ("\"%s\": user-id unknown", POPUID);

    if (pw->pw_uid == myuid)
        popuser = 1;

    if (myuid && !popuser
            && (delesw || initsw || listsw || (usersw != NULL)))
        adios("Only superuser or user '%s' can perform the requested function",
              POPUID);

changing the first line from "getuid()" to "geteuid()" would fix it, I think, but would like 2nd opinions before turning my users loose with it.

>Audit-Trail:
>Unformatted:
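
Added example, not part of the original report or of the qpopper source: a C model of the quoted check, comparing what it decides when myuid is the real uid (getuid()) and when it is the effective uid (geteuid()) in a binary that is setuid to pop, as the ls output above shows popauth is. The uid values, the target name "alice" and the helper names are assumptions made for the illustration.

```c
#include <stdio.h>
#include <sys/types.h>

/* Constructed uids for the model; they are assumptions, not from the report. */
#define UID_POP  68
#define UID_USER 1001

struct request {                 /* switch names as in the quoted snippet */
    int delesw, initsw, listsw;
    const char *usersw;          /* argument of -user, or NULL */
};

/* Constructed sample requests. */
static const struct request REQ_OWN   = {0, 0, 0, NULL};     /* no switches */
static const struct request REQ_OTHER = {0, 0, 0, "alice"};  /* -user alice */
static const struct request REQ_DEL   = {1, 0, 0, NULL};     /* delesw set  */

/* The quoted check as a pure function: 1 = proceeds, 0 = adios() would fire. */
static int check_allows(uid_t myuid, uid_t pop_uid, const struct request *r)
{
    int popuser = (pop_uid == myuid);
    if (myuid && !popuser &&
        (r->delesw || r->initsw || r->listsw || r->usersw != NULL))
        return 0;
    return 1;
}

/* myuid = getuid(): the real uid, i.e. whoever invoked the program. */
int allowed_with_getuid(uid_t ruid, const struct request *r)
{
    return check_allows(ruid, UID_POP, r);
}

/* myuid = geteuid(): in a setuid-pop binary this is pop for every caller. */
int allowed_with_geteuid(uid_t ruid, const struct request *r)
{
    (void)ruid;                  /* the invoking user no longer matters */
    return check_allows(UID_POP, UID_POP, r);
}

int main(void)
{
    const struct request *reqs[] = {&REQ_OWN, &REQ_OTHER, &REQ_DEL};
    for (int i = 0; i < 3; i++)
        printf("request %d as uid %d: getuid=%d geteuid=%d\n", i, UID_USER,
               allowed_with_getuid(UID_USER, reqs[i]),
               allowed_with_geteuid(UID_USER, reqs[i]));
    return 0;
}
```

With the effective uid, every caller compares equal to POPUID, so the check stops rejecting anything, including -user for another account and the delete switch; comparing the real uid is what keeps those operations restricted to root and pop.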