From owner-freebsd-bugs Sun Mar 23 06:51:42 1997
Return-Path:
Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id GAA08664 for bugs-outgoing; Sun, 23 Mar 1997 06:51:42 -0800 (PST)
Received: from sax.sax.de (sax.sax.de [193.175.26.33]) by freefall.freebsd.org (8.8.5/8.8.5) with SMTP id GAA08659; Sun, 23 Mar 1997 06:51:30 -0800 (PST)
Received: (from uucp@localhost) by sax.sax.de (8.6.12/8.6.12-s1) with UUCP id PAA01198; Sun, 23 Mar 1997 15:50:58 +0100
Received: (from j@localhost) by uriah.heep.sax.de (8.8.5/8.8.5) id PAA11324; Sun, 23 Mar 1997 15:35:19 +0100 (MET)
Message-ID: <19970323153519.BW27841@uriah.heep.sax.de>
Date: Sun, 23 Mar 1997 15:35:19 +0100
From: j@uriah.heep.sax.de (J Wunsch)
To: dv@kis.ru (Dmitry Valdov)
Cc: freebsd-bugs@freebsd.org, peter@spinner.DIALix.COM (Peter Wemm), security-officer@freebsd.org
Subject: Re: sendmail can't create PID file because of owner permission of /var/run
References:
X-Mailer: Mutt 0.60_p2-3,5,8-9
Mime-Version: 1.0
X-Phone: +49-351-2012 669
X-PGP-Fingerprint: DC 47 E6 E4 FF A6 E9 8F 93 21 E0 7D F9 12 D6 4E
Reply-To: joerg_wunsch@uriah.heep.sax.de (Joerg Wunsch)
In-Reply-To: ; from Dmitry Valdov on Mar 23, 1997 16:56:31 +0300
Sender: owner-bugs@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

As Dmitry Valdov wrote:

> sendmail doesn't create sendmail.pid file
> if /var/run directory owned by other than root. Default owner of /var/run in
> 2.2R is 'bin'. The problem appears in 2.1.5R too.
> sendmail version is 8.8.5
>
> Workaround:
> chown root:bin /var/run

safefile() in sendmail/src/util.c goes to great lengths to ensure files are only attempted to be opened if the permissions of the directory allow this. Anyway, it looks as if it requires any directory to be world-writeable if the directory is not owned by the owner of the requesting process -- even if the owner is root. I'm not sure whether this is a bug or a feature.

The following diff fixes this, but I'm not 100 % sure whether this fix is right or not.

cvs diff: Diffing /usr/src/usr.sbin/sendmail/src Index: /usr/src/usr.sbin/sendmail/src/util.c =================================================================== RCS file: /home/cvs/src/usr.sbin/sendmail/src/util.c,v retrieving revision 1.12 diff -u -u -r1.12 util.c --- util.c 1997/01/27 07:43:29 1.12 +++ util.c 1997/03/23 14:28:49 
@@ -627,7 +627,7 @@ if (stat(fn, &stbuf) >= 0) { int md = S_IWRITE|S_IEXEC; - if (stbuf.st_uid != uid) + if (uid != 0 && stbuf.st_uid != uid) md >>= 6; if ((stbuf.st_mode & md) != md) errno = EACCES; -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
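
Review bot: the new condition `if (uid != 0 && stbuf.st_uid != uid)` makes root skip the `md >>= 6` shift, so for uid 0 the test `(stbuf.st_mode & md) != md` is run against the owner's write and search bits even when the directory belongs to someone else. In the reported case that means root accepts /var/run because its owner `bin` can write to it, which is the opposite of what safefile() is trying to establish: a directory that a non-root account can modify is now treated as safe for a file root is about to create. If root is to be exempted, it would be safer to replace the mode test for uid 0 with a check that the directory is not writable by group or other and that its owner is one the caller trusts, and to add a comment stating why root is handled differently; otherwise keep the existing check and fix the ownership of /var/run, as the quoted workaround does.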